WordPress 2.3.2 - wp-admin/invites.php to Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28139/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WordPress 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 inviteemail parameter in an invite action to wp-admin/users.php and the 2 to parameter in a sent action to wp-admin/invites.php...

CVE-2008-1304

CVE-2008-1304 concerns WordPress 2.3.2, which is affected by multiple XSS vulnerabilities in two parameters: (1) inviteemail in wp-admin/users.php (invite action) and (2) the to parameter in a sent action to wp-admin/invites.php. The underlying issue is cross-site scripting that could allow remot...