CVE-2011-5207

Cross-site scripting XSS vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress before 1.1.6 before 2011-12-31 allows remote attackers to inject arbitrary web script or HTML via the tcpnamepostXXXXX parameter...

CVE-2011-5207

The CVE-2011-5207 entry concerns TheCartPress WordPress plugin. Affected component: admin/OptionsPostsList.php. Vulnerability: cross-site scripting (XSS) allowing remote attackers to inject arbitrary script/HTML via the tcp_name_post_XXXXX parameter, prior to TheCartPress 1.1.6 (before 2011-12-31...