Published: 16/02/2006 Updated: 11/04/2024

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote malicious users to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress 2.0

source: wwwsecurityfocuscom/bid/16656/info WordPress is prone to an HTML-injection vulnerability Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing for the theft of cookie-based authentication credentials An attacker could also exploit this issue to control how the sit ...

NVD-CWE-Other http://myimei.com/security/2006-02-15/wordpress200autors-websitexss-attack.html http://www.securityfocus.com/bid/16656 https://exchange.xforce.ibmcloud.com/vulnerabilities/24736 http://www.securityfocus.com/archive/1/425043/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27227/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-0733

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect