CVE-2006-1263

WordPress < 2.0.2 - Cross-Site Scripting

Title source: llm

Description

Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

References (2)

Core 2

Core References

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/17069

Patch x_refsource_confirm

http://wordpress.org/development/2006/03/security-202/

Scores

EPSS 0.0034

EPSS Percentile 57.0%

Details

Status published

Products (14)

wordpress/wordpress 0.6.2 beta_2

wordpress/wordpress 0.6.2.1 beta_2

wordpress/wordpress 0.7

wordpress/wordpress 0.71

wordpress/wordpress 1.2

wordpress/wordpress 1.2.1

wordpress/wordpress 1.2.2

wordpress/wordpress 1.5

wordpress/wordpress 1.5.1

wordpress/wordpress 1.5.1.2

... and 4 more

Published Mar 19, 2006

Tracked Since Feb 18, 2026