WordPress 'press-this.php'多个跨站脚本漏洞

基本字段

漏洞编号：: SSV-3671

披露/发现时间：: 未知

提交时间：: 2008-07-17

漏洞等级：

漏洞类别：: 嵌入恶意代码

影响组件：: WordPress
(影响版本较多,点击查看)

漏洞作者：: 未知

提交者：: Knownsec

CVE-ID：: 补充

CNNVD-ID：: 补充

CNVD-ID：: 补充

ZoomEye Dork：: 补充

来源

漏洞详情

贡献者 Knownsec 共获得 0KB

BUGTRAQ ID: 30238 CNCAN ID：CNCAN-2008071709 WordPress是一款流行的博客应用程序。 WordPress 'press-this.php'存在输入验证问题，远程攻击者可以利用漏洞进行跨站脚本攻击，获得敏感信息。问题是'press-this.php'对多个字段缺少过滤，构建恶意脚本代码作为参数数据，并诱使用户访问，可导致恶意脚本代码在目标浏览器中执行，泄漏敏感信息。 WordPress WordPress 2.5.1 WordPress WordPress 2.3.3 WordPress WordPress 2.3.2 WordPress WordPress 2.3.1 WordPress WordPress 2.2.3 WordPress WordPress 2.2.2 WordPress WordPress 2.2.1 WordPress WordPress 2.2.1 WordPress WordPress 2.1.3 WordPress WordPress 2.1.3 WordPress WordPress 2.1.2 WordPress WordPress 2.1.1 WordPress WordPress 2.0.11 WordPress WordPress 2.0.10 WordPress WordPress 2.0.7 WordPress WordPress 2.0.6 WordPress WordPress 2.0.5 WordPress WordPress 2.0.4 WordPress WordPress 2.0.3 WordPress WordPress 2.0.2 WordPress WordPress 2.0.1 WordPress WordPress 2.0 WordPress WordPress 2.5 WordPress WordPress 2.3 WordPress WordPress 2.2 Revision 5003 WordPress WordPress 2.2 Revision 5002 WordPress WordPress 2.2 WordPress WordPress 2.1.3-RC2 WordPress WordPress 2.1.3-RC1 WordPress WordPress 2.1 WordPress WordPress 2.0.10-RC2 WordPress WordPress 2.0.10-RC1 升级程序： WordPress WordPress 2.1.3-RC1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.2 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.5 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.10-RC1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.2 Revision 5003 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.3 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.10-RC2 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.2 Revision 5002 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.1.3-RC2 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.10 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.11 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.2 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.3 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.4 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.5 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.6 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.0.7 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.1.1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.1.2 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.1.3 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.1.3 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.2.1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.2.1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.2.2 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.2.3 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.3.1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.3.2 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.3.3 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a> WordPress WordPress 2.5.1 WordPress wordpress 2.6 <a href=http://wordpress.org/latest.tar.gz target=_blank>http://wordpress.org/latest.tar.gz</a>