Description

Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2008-3233

Related Vulnerabilities

WordPress Plugin User Registration-Custom Registration Form, Login Form And User Profile Arbitrary File Upload (3.0.2)

LimeSurvey CVE-2019-16180 Vulnerability (CVE-2019-16180)

WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection (2.5.24)

WordPress Plugin Catch Import Export Security Bypass (1.8)

Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047)

Severity

Medium

Classification

CVE-2008-3233 CWE-707

Tags

Missing Update Known Vulnerabilities