logo
DATABASE RESOURCES PRICING ABOUT US

Wordpress <= v2.1.0

Description

If you're logged in into wordpress as an admin, your comments aren't properly sanitized, thus allowing an XSS to be posted. This can be exploited using XSRF techniques. More info & PoC: http://www.virtuax.be/advisories/Advisory4-20022007.txt