4.3
CVSSv2

CVE-2010-5294

Published: 21/01/2014 Updated: 21/11/2024

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in the request_filesystem_credentials function in wp-admin/includes/file.php in WordPress prior to 3.0.2 allow remote servers to inject arbitrary web script or HTML by providing a crafted error message for a (1) FTP or (2) SSH connection attempt.

Vulnerable Product Search on Vulmon Subscribe to Product

wordpress wordpress

wordpress wordpress 2.0

wordpress wordpress 2.0.1

wordpress wordpress 2.0.2

wordpress wordpress 2.0.4

wordpress wordpress 2.0.5

wordpress wordpress 2.0.6

wordpress wordpress 2.0.7

wordpress wordpress 2.0.8

wordpress wordpress 2.0.9

wordpress wordpress 2.0.10

wordpress wordpress 2.0.11

wordpress wordpress 2.1

wordpress wordpress 2.1.1

wordpress wordpress 2.1.2

wordpress wordpress 2.1.3

wordpress wordpress 2.2

wordpress wordpress 2.2.1

wordpress wordpress 2.2.2

wordpress wordpress 2.2.3

wordpress wordpress 2.3

wordpress wordpress 2.3.1

wordpress wordpress 2.3.2

wordpress wordpress 2.3.3

wordpress wordpress 2.5

wordpress wordpress 2.5.1

wordpress wordpress 2.6

wordpress wordpress 2.6.1

wordpress wordpress 2.6.2

wordpress wordpress 2.6.3

wordpress wordpress 2.6.5

wordpress wordpress 2.7

wordpress wordpress 2.7.1

wordpress wordpress 2.8

wordpress wordpress 2.8.1

wordpress wordpress 2.8.2

wordpress wordpress 2.8.3

wordpress wordpress 2.8.4

wordpress wordpress 2.8.5

wordpress wordpress 2.8.5.1

wordpress wordpress 2.8.5.2

wordpress wordpress 2.8.6

wordpress wordpress 2.9

wordpress wordpress 2.9.1

wordpress wordpress 2.9.1.1

wordpress wordpress 2.9.2

wordpress wordpress 3.0