Description
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/functions.php in WordPress before 2.1.2-alpha allow remote attackers to inject arbitrary web script or HTML via (1) the Referer HTTP header or (2) the URI, a different vulnerability than CVE-2007-1049.
Remediation
References
Related Vulnerabilities
WordPress Plugin Events Manager Multiple Cross-Site Scripting Vulnerabilities (5.3.3)
WordPress Plugin EZP Coming Soon Page Cross-Site Scripting (1.0.0)
WordPress Plugin WordPress Related Posts Cross-Site Scripting (3.6.4)
PostgreSQL NULL Pointer Dereference Vulnerability (CVE-2016-5423)
MongoDb Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4650)