Description
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.
Remediation
References
Related Vulnerabilities
MySQL CVE-2012-3156 Vulnerability (CVE-2012-3156)
WordPress Improper Input Validation Vulnerability (CVE-2008-2392)
WordPress Plugin Conditional Marketing Mailer for WooCommerce Cross-Site Request Forgery (1.5.2)
WordPress Plugin Anti Plagiarism Cross-Site Scripting (3.60)
WordPress Plugin Safe Editor Unspecified Vulnerability (1.1)