FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- multiple vulnerabilities

Affected packages
wordpress <,1


VuXML ID a4955b32-ed84-11d9-8310-0001020eed82
Discovery 2005-04-12
Entry 2005-07-05

A Gentoo Linux Security Advisory reports:

Due to a lack of input validation, WordPress is vulnerable to SQL injection and XSS attacks.

An attacker could use the SQL injection vulnerabilities to gain information from the database. Furthermore the cross-site scripting issues give an attacker the ability to inject and execute malicious script code or to steal cookie-based authentication credentials, potentially compromising the victim's browser.


CVE Name CVE-2005-1810