Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 460

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress 1.2

source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /bookmarkletphp ...

source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /admin-headerph ...

source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /edit-commentsp ...

source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /wp-loginphp?red ...

source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /editphp?s=[XSS ...

source: wwwsecurityfocuscom/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities These issues are due to a failure of the application to properly sanitize user-supplied URI input Wordpress 12 is reported vulnerable, however, other versions may be affected as well /categoriesphp? ...

NVD-CWE-Other http://www.securityfocus.com/bid/11268 http://secunia.com/advisories/12683 http://securitytracker.com/id?1011440 http://marc.info/?l=bugtraq&m=109641484723194&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/17532 https://nvd.nist.gov https://www.exploit-db.com/exploits/24643/

CVE-2004-1559

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect