NA

CVE-2004-1559

Published: 31/12/2004 Updated: 11/07/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 460
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php.

Affected Products

Vendor Product Versions
WordpressWordpress1.2

Exploits

source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /admin-headerph ...
source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /editphp?s=[XSS ...
source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /bookmarkletphp ...
source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /wp-loginphp?red ...
source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /edit-commentsp ...
source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /categoriesphp? ...