Description
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action.
Remediation
References
Related Vulnerabilities
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19594)
IBM RTC Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2020-4544)
WordPress Plugin Download Zip Attachments Arbitrary File Download (1.0.0)
MediaWiki Improper Input Validation Vulnerability (CVE-2017-8814)
Oracle Database Server CVE-2006-5334 Vulnerability (CVE-2006-5334)