|
Wordpress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
An exploit is not required. The following proof of concept examples are available: Cross-site Scripting: /wp-login.php?action=login&redirect_to=[XSS] /wp-admin/templates.php?file=[XSS] /wp-admin/post.php?content=[XSS] SQL Injection: /index.php?m=bla /wp-admin/edit.php?m=bla |
|
|
Privacy Statement |
