Description
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Remediation
References
Related Vulnerabilities
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.2.0.727)
WordPress Plugin http:BL Multiple Vulnerabilities (1.9.1)
Drupal Core 9.2.x Multiple Vulnerabilities (9.2.0 - 9.2.14)
WordPress Plugin Broken Link Checker Cross-Site Scripting (1.10.5)
Internet Information Services Other Vulnerability (CVE-2000-0457)