Description

Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2011-4956

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2001-0506)

WordPress Plugin PayPlus Payment Gateway SQL Injection (6.6.8)

WordPress Plugin My Calendar Cross-Site Scripting (3.2.17)

WordPress Plugin WP-DownloadManager Cross-Site Scripting (1.67)

WordPress Plugin Coupon Creator Cross-Site Request Forgery (3.1)

Severity

Medium

Classification

CVE-2011-4956 CWE-707

Tags

Missing Update Known Vulnerabilities