Description
Cross-site scripting (XSS) vulnerability in Peter's Random Anti-Spam Image 0.2.4 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the comment field in the comment form.
Remediation
References
Related Vulnerabilities
WordPress Plugin Booking calendar, Appointment Booking System Security Bypass (2.2.2)
WordPress Plugin AdRoll for WooCommerce Stores Unspecified Vulnerability (2.2.5)
ATutor Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3368)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)