Description
Multiple cross-site scripting (XSS) vulnerabilities in the request_filesystem_credentials function in wp-admin/includes/file.php in WordPress before 3.0.2 allow remote servers to inject arbitrary web script or HTML by providing a crafted error message for a (1) FTP or (2) SSH connection attempt.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2008-0341 Vulnerability (CVE-2008-0341)
Oracle Database Server CVE-2019-2776 Vulnerability (CVE-2019-2776)
WordPress Plugin Virtual Robots.txt Cross-Site Scripting (1.9)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Unspecified Vulnerability (4.10.2)
Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2022-25235)