Description
Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the popuptitle parameter to (1) wp-admin/post.php or (2) wp-admin/page-new.php.
Remediation
References
Related Vulnerabilities
OpenSSL Cryptographic Issues Vulnerability (CVE-2013-6449)
Internet Information Services Other Vulnerability (CVE-2000-0886)
WordPress Plugin CWIS-Antivirus Security Scanner Unspecified Vulnerability (2.3.2)
PHP Numeric Errors Vulnerability (CVE-2014-3587)
Moodle Improper Privilege Management Vulnerability (CVE-2017-7489)