Cross-Site Scripting Vulnerability in DMSGuestbook Plugin for WordPress
CVE-2008-0618

Currently unrated

Key Information:

Vendor: Wordpress
Status: Dmsguestbook
Vendor: CVE Published:; 6 February 2008

Summary

Multiple cross-site scripting vulnerabilities exist in the DMSGuestbook plugin for WordPress, which potentially allows remote attackers to inject arbitrary web scripts or HTML into the application. These vulnerabilities can be exploited through parameters such as gbname, gbemail, gburl, and gbmsg, which are not effectively sanitized. Web administrators and users are urged to take necessary precautions to secure their installations against potential attacks.

References

http://secunia.com/advisories/28759

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 6, 2008