Description
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/functions.php in WordPress before 2.1.2-alpha allow remote attackers to inject arbitrary web script or HTML via (1) the Referer HTTP header or (2) the URI, a different vulnerability than CVE-2007-1049.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.25)
WordPress Plugin WP Support Plus Responsive Ticket System Cross-Site Scripting (9.1.1)
WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7)
WordPress Plugin Direct Download for Woocommerce Arbitrary File Download (1.15)