Alexander Koenig

Name of the Vulnerable Software and Affected Versions: Wordpress versions prior to 2.2.3 Wordpress multi-user (MU) versions prior to 1.2.5a Description: The issue allows remote attackers to conduct cross-site scripting (XSS) attacks. This is achieved by modifying data to specific files, including post.php and page.php, with a no filter field. Recommendations: For Wordpress versions prior to 2.2.3, update to version 2.2.3 or later. For Wordpress multi-user (MU) versions prior to 1.2.5a, update to version 1.2.5a or later.