Description
Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-admin/admin-functions.php.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2019-2956 Vulnerability (CVE-2019-2956)
MySQL CVE-2020-14760 Vulnerability (CVE-2020-14760)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Directory Traversal (4.9.9)
Oracle JRE CVE-2012-1717 Vulnerability (CVE-2012-1717)
WordPress Plugin Featured Posts by BestWebSoft Cross-Site Scripting (1.0.0)