• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WordPress Multiple HTML Injection Vulnerabilities

WordPress is prone to multiple HTML-injection vulnerabilities.

Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing an attacker to control how the site is rendered to unregistered users of the application; other attacks are also possible.

WordPress version 2.0.1 is reportedly vulnerable; other versions may also be affected.