Description

Multiple cross-site scripting (XSS) vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) website, and (3) comment parameters.

Remediation

References

CVE-2006-0985

Related Vulnerabilities

MySQL CVE-2020-14547 Vulnerability (CVE-2020-14547)

WordPress Plugin NextGEN Gallery-WordPress Gallery Arbitrary File Upload (2.1.10)

WordPress Plugin Event List Cross-Site Scripting (0.7.9)

WordPress Plugin Security & Malware scan by CleanTalk Security Bypass (2.50)

OpenSSL Session Fixation Vulnerability (CVE-1999-0428)

Severity

Medium

Classification

CVE-2006-0985

Tags

Missing Update Known Vulnerabilities