[wp-hackers] XSS vulnerability?

f.terenzani at gmail.com f.terenzani at gmail.com
Tue Aug 1 09:10:10 GMT 2006

Hi all, i have read this fix [http://trac.wordpress.org/ticket/2953]
on the WP 2.0.4:
XSS Vulnerability in the 'post_tilte' parameter in
wp-admin/page-new.php while submitting thought the "Create New page"

But I think this vulnerability there also is in the 'the_content'
parameter if you put on post.php post field:

alert('XSS Vulnerable');

For this reason I had made the script manager plugin

This have to be considered a bug?

More information about the wp-hackers mailing list