Description
Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via an editable slug field.
Remediation
References
Related Vulnerabilities
WordPress Plugin CP Reservation Calendar SQL Injection (1.1.6)
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress SQL Injection (1.3.11.13)
WebLogic CVE-2022-21560 Vulnerability (CVE-2022-21560)
WordPress Plugin Simple Events Calendar Multiple Vulnerabilities (1.3.5)
WordPress Plugin MiwoFTP-File & Folder Manager Arbitrary File Disclosure (1.0.4)