Description

Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post.

Remediation

References

CVE-2005-1102

Related Vulnerabilities

WordPress Plugin Job Manager Security Bypass (0.7.25)

WordPress Plugin NewStatPress Cross-Site Scripting (1.0.5)

Magento Violation of Secure Design Principles Vulnerability (CVE-2021-28583)

Sqlite Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-45346)

Drupal Core 8.x Security Bypass (8.0.0 - 8.5.5)

Severity

Medium

Classification

CVE-2005-1102

Tags

Missing Update Known Vulnerabilities