Cross-Site Scripting Issue in WP Comment Remix Plugin by WordPress
CVE-2008-4733

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP Comment Remix Plugin
Vendor: CVE Published:; 24 October 2008

Summary

The WP Comment Remix plugin for WordPress is susceptible to an XSS vulnerability that allows attackers to inject arbitrary scripts or HTML into web pages. This issue is triggered through various parameters including replytotext, quotetext, originallypostedby, and others, providing potential entry points for malicious code into user comments.

References

http://secunia.com/advisories/32253

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/497313/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/31750

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Oct 24, 2008
Vulnerability Reserved
Oct 24, 2008