Lucene search

K

WordPress Core 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting

🗓️ 03 Jan 2008 00:00:00Reported by 3APA3AType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 31 Views

WordPress Core 2.2.3 Cross-Site Scripting Vulnerabilit

Show more
Related
Code
ReporterTitlePublishedViews
Family
Debian CVE
CVE-2008-0192
10 Jan 200800:46
debiancve
Prion
Cross site scripting
10 Jan 200800:46
prion
Exploit DB
WordPress Core 2.2.3 - '/wp-admin/page-new.php?popuptitle' Cross-Site Scripting
3 Jan 200800:00
exploitdb
Patchstack
WordPress <= 2.0.9 - Multiple XSS
9 Jan 200800:00
patchstack
UbuntuCve
CVE-2008-0192
10 Jan 200800:00
ubuntucve
NVD
CVE-2008-0192
10 Jan 200800:46
nvd
Cvelist
CVE-2008-0192
10 Jan 200800:00
cvelist
CVE
CVE-2008-0192
10 Jan 200800:46
cve
source: https://www.securityfocus.com/bid/27123/info

WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. 

http://site/wp-admin/post.php?popuptitle=%22%20style=%22xss:expression(alert(document.cookie))%22

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo