Description

Cross-site scripting (XSS) vulnerability in Peter's Random Anti-Spam Image 0.2.4 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the comment field in the comment form.

Remediation

References

CVE-2007-6677

Related Vulnerabilities

PHP Improper Input Validation Vulnerability (CVE-2014-3710)

Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)

WebLogic CVE-2022-21258 Vulnerability (CVE-2022-21258)

XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-29202)

Joomla CVE-2018-17859 Vulnerability (CVE-2018-17859)

Severity

Medium

Classification

CVE-2007-6677 CWE-707

Tags

Missing Update Known Vulnerabilities