4 matches found
CVE-2007-4893
wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user MU before 1.2.5a does not properly verify the unfilteredhtml privilege, which allows remote attackers to conduct cross-site scripting XSS attacks via modified data to 1 post.php or 2 page.php with a nofilter field...
CVE-2007-4893
wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user MU before 1.2.5a does not properly verify the unfilteredhtml privilege, which allows remote attackers to conduct cross-site scripting XSS attacks via modified data to 1 post.php or 2 page.php with a nofilter field...
CVE-2007-4893
CVE-2007-4893 affects WordPress before 2.2.3 and WordPress MU before 1.2.5a, where unfiltered_html privilege is not properly verified, enabling cross-site scripting via modified data to post.php or page.php with a no_filter field. Exploitation details and affected versions are corroborated by mul...
CVE-2007-4893
wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user MU before 1.2.5a does not properly verify the unfilteredhtml privilege, which allows remote attackers to conduct cross-site scripting XSS attacks via modified data to 1 post.php or 2 page.php with a nofilter field...