Description

Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the user_login parameter.

Remediation

References

CVE-2007-5106

Related Vulnerabilities

PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950)

WordPress Plugin JetWidgets for Elementor and WooCommerce Local File Inclusion (1.1.7)

WordPress Plugin ND Shortcodes For Visual Composer Security Bypass (5.8)

WordPress Plugin WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots Cross-Site Scripting (6.61)

WordPress Plugin YouTube Cross-Site Request Forgery (11.8.1)

Severity

Medium

Classification

CVE-2007-5106 CWE-707

Tags

Missing Update Known Vulnerabilities