Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and previous versions, and possibly 2.1.x up to and including 2.3.x, allows remote malicious users to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wordpress wordpress |
||
wordpress wordpress 2.1 |
||
wordpress wordpress 2.1.1 |
||
wordpress wordpress 2.1.2 |
||
wordpress wordpress 2.1.3 |
||
wordpress wordpress 2.1.3 rc1 |
||
wordpress wordpress 2.1.3 rc2 |
||
wordpress wordpress 2.2 |
||
wordpress wordpress 2.2.0 |
||
wordpress wordpress 2.2.1 |
||
wordpress wordpress 2.2.2 |
||
wordpress wordpress 2.2.3 |
||
wordpress wordpress 2.2 revision5002 |
||
wordpress wordpress 2.2 revision5003 |
||
wordpress wordpress 2.3 |