Description

Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2011-4956

Related Vulnerabilities

WordPress Plugin Cart66 Lite::WordPress Ecommerce Multiple Vulnerabilities (1.5.1.14)

WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Request Forgery (4.3.24)

WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)

WordPress Plugin ThinkIT WP Contact Form Multiple Vulnerabilities (0.2)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (2.5.9.1)

Severity

Medium

Classification

CVE-2011-4956 CWE-707

Tags

Missing Update Known Vulnerabilities