CVE-2007-6677

Peter's Random Anti-Spam Image <0.2.4 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Peter's Random Anti-Spam Image 0.2.4 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the comment field in the comment form.

References (2)

[Broken Link] http://osvdb.org/43444

[Third Party Advisory] http://websecurity.com.ua/1535/

Scores

EPSS 0.0031

EPSS Percentile 54.0%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

peters_software/random_anti-spam_image < 0.2.4

Timeline

Published Jan 10, 2008

Tracked Since Feb 18, 2026