Description
WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. WordPress version 2.1.1 is vulnerable; other versions may also be affected.
Remediation
Update to WordPress version 2.1.2 or latest
References
http://www.securityfocus.com/archive/1/461440
http://packetstormsecurity.org/files/view/54793/wp211-csrfxss.txt
Related Vulnerabilities
Oracle JRE CVE-2013-1484 Vulnerability (CVE-2013-1484)
WordPress Plugin WP Support Plus Responsive Ticket System SQL Injection (7.1.4)
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)
WebLogic CVE-2020-14589 Vulnerability (CVE-2020-14589)
Jenkins Incorrect Authorization Vulnerability (CVE-2021-21692 )