3 matches found
CVE-2026-9060
The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...
EUVD-2008-0626
Malware in sbrugna...
FreeBSD : wordpress -- XSS in administration panel (200)
The following package needs to be updated: wordpress %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg12b7b4cf1d5311d9814e0001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...