Categories

Applications (255)
Blogs (7)
Content Management (167)
Customer Relationship (4)
Discussion Boards (37)
E-Commerce (15)
General Purpose Directories (2)
Image Galleries (21)
Mailing Lists (1)
Tips (3)
Vulnerabilities (366)
Access Bypass (55)
Cross Site Scripting (138)
Denial Of Service (2)
File Inclusion (54)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (17)
Session Hijacking (2)
SQL Injection (140)
« PHPX XSS & Sql Injections
Xoops Module SQL Injection »

Wordpress “”PHP_SELF” XSS

Published by CS Lee March 26th, 2007 in Content Management and Cross Site Scripting.

Application: Wordpress CMS
Version: 2.1.2 or below
Vendor’s URL: http://wordpress.org/
Bug Type: Cross Site Scripting
Risk: Low

Solution:
- Update to version 2.0.10-RC2 or 2.1.3-RC2

0 Responses to “Wordpress “”PHP_SELF” XSS”

Feed for this Entry Trackback Address
  1. No Comments

Leave a Reply

You must login to post a comment.

« PHPX XSS & Sql Injections
Xoops Module SQL Injection »

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional