9 matches found
Cross-Site Scripting (XSS)
WordPress is vulnerable to cross-site scripting XSS attacks. The attacks are possible because it does not filter the user supplied input to wptexturize via a comment or a post...
DSA-3085-1 wordpress - security update
Bulletin has no description...
WordPress 3.0-3.92 stored XSS vulnerability analysis&POC-vulnerability warning-the black bar safety net
! /Article/UploadPic/2014-11/2 0 1 4 1 1 2 7 1 0 5 7 1 6 1 1 7. png Overview: WordPress is a PHP language development blog platform, users can support PHP and MySQL database server set up your own website. You can also put WordPress as a CMS to use. Recently WordPress less than 3. 9 2 Version...
DEBIAN-CVE-2014-9031
Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...
CVE-2014-9031
Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...
Cross site scripting
Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...
CVE-2014-9031
Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...
CVE-2014-9031
Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...
WordPress <= 3.9.2 - XSS
This vulnerability is in the "wptexturize" function. It allows the attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post. Solution Update WordPress...