wordpresstheme-xss.txt
There is an XSS in the Wordpress default theme. Tested on WordPress version 2.2 Filename functions.php, line 387. Code: " $SERVER'REQUESTURI' is directly echoed to the user. This problem can be exploited if the adminstrator is logged in. Sample exploit URL...