Multiple cross-site scripting (XSS) vulnerabilities in bad-behavior-wordpress-admin.php in the Bad Behavior plugin prior to 2.0.47 and 2.2.x prior to 2.2.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) httpbl_key, (3) httpbl_maxage, (4) httpbl_threat, (5) reverse_proxy_addresses, or (6) reverse_proxy_header parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mark_jaquith bad_behavior 2.2.3 |
||
mark_jaquith bad_behavior 2.2.4 |
||
mark_jaquith bad_behavior 2.2.1 |
||
mark_jaquith bad_behavior 2.2.2 |
||
mark_jaquith bad_behavior |
||
mark_jaquith bad_behavior 2.2.0 |
||
wordpress wordpress - |