CVE-2011-3856

Name of the Vulnerable Software and Affected Versions Elegant Grunge theme versions prior to 1.0.4

Description The issue is related to a cross-site scripting (XSS) vulnerability, which allows remote attackers to inject arbitrary web script or HTML. This is achieved via the s parameter.

Recommendations For versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the s parameter to minimize the risk of exploitation.