4 matches found
DEBIAN-CVE-2007-1894
Cross-site scripting XSS vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wptitle function...
CVE-2007-1894
Cross-site scripting XSS vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wptitle function...
CVE-2007-1894
CVE-2007-1894 describes an XSS in WordPress via the year parameter in wp_title, in the file wp-includes/general-template.php, before 20070309. The linked Debian advisory confirms fixes in WordPress versions 2.0.10-1 and 2.1.3-1 (DSA-1285-1). Other references (NVD OSV, OSV-DEBIAN) corroborate the ...
WordPress XSS under function wp_title()
ChX Security | Advisory 1 | ============= - "WordPress XSS under function wptitle" - Data | ====== Author: g30rg3x g30rg3xatgmaildotcom Program: WordPress http://wordpress.org/ Severity: Less Critical. Type of Advisory: Mid Disclosure. Affected/Tested Versions: - Series 2.0.x: = 2.0.10-alpha -...