DEBIAN-CVE-2013-2201
Multiple cross-site scripting XSS vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 uploads of media files, 2 editing of media files, 3 installation of plugins, 4 updates to plugins, 5 installation of themes, or 6 updat...