Back to search
CVE-2008-1061
Published: Feb 28, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) text parameter to (a) warning.php, (b) notice.php, and (c) inset.php in view/sniplets/, and possibly (d) modules/execute.php; the (2) url parameter to (e) view/admin/submenu.php; and the (3) page parameter to (f) view/admin/pager.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
29099
third-party-advisory
x_refsource_SECUNIA
sniplets-multiple-xss(40830)
vdb-entry
x_refsource_XF
5194
exploit
x_refsource_EXPLOIT-DB
20080225 Wordpress Plugin Sniplets 1.1.2 Multiple Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
3706
third-party-advisory
x_refsource_SREASON
27985
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now