Lucene search
Jeremias ReithPATCHSTACK:64625C734F3D1A2C872E028465E2FB7DHistoryNov 28, 2008 - 12:00 a.m.
WordPress RSS Feed Generator Plugin <= 2.6.4 - XSS
2008-11-2800:00:00
Jeremias Reith
patchstack.com
10
0.512 Medium
EPSS
Percentile
97.6%
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the Host header.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rss feed generator | le | 2.6.4 |
Related
cve
cve
CVE-2008-5278
2008-11-28 19:30:00
freebsd
freebsd
wordpress -- header rss feed script insertion vulnerability
2008-11-26 00:00:00
nessus
nessus
Fedora 9 : wordpress-2.6.5-2.fc9 (2008-10483)
2008-12-03 00:00:00
Fedora 10 : wordpress-2.6.5-2.fc10 (2008-10482)
2009-04-23 00:00:00
WordPress wp-includes/feed.php self_link() Function Host Header RSS Feed XSS
2008-12-02 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: wordpress-mu-2.6.5-1.fc10
2008-12-21 08:21:29
[SECURITY] Fedora 9 Update: wordpress-2.6.5-2.fc9
2008-12-03 01:09:47
[SECURITY] Fedora 10 Update: wordpress-2.6.5-2.fc10
2008-12-03 01:20:59
openvas
openvas
Fedora Update for wordpress FEDORA-2008-10482
2009-02-16 00:00:00
FreeBSD Ports: wordpress, de-wordpress, wordpress-mu
2008-12-03 00:00:00
Fedora Update for wordpress FEDORA-2008-10483
2009-02-16 00:00:00
cvelist
cvelist
CVE-2008-5278
2008-11-28 19:00:00
prion
prion
Cross site scripting
2008-11-28 19:30:00
nvd
nvd
CVE-2008-5278
2008-11-28 19:30:00
checkpoint_advisories
checkpoint_advisories
WordPress RSS feed Generator self_link HTTP_HOST Cross-Site Scripting (CVE-2008-5278)
2009-09-30 00:00:00
Update Protection against WordPress Host Header XSS Vulnerability
2008-12-05 00:00:00
ubuntucve
ubuntucve
CVE-2008-5278
2008-11-28 00:00:00
debiancve
debiancve
CVE-2008-5278
2008-11-28 19:30:00