CVE-2008-0192

2008-01-1000:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.007

Percentile

80.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the popuptitle parameter to (1) wp-admin/post.php or (2) wp-admin/page-new.php.

References

lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html

securityreason.com/securityalert/3539

securityvulns.ru/Sdocument714.html

websecurity.com.ua/1658/

www.securityfocus.com/archive/1/485786/100/0/threaded

www.securityfocus.com/bid/27123

exchange.xforce.ibmcloud.com/vulnerabilities/39426