CVE-2005-2107 | Vulnerability Database | Aqua Security

Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.

Affected Software

Name	Vendor	Start Version	End Version
Wordpress	Wordpress	1.0 (including)	1.0 (including)
Wordpress	Wordpress	1.0.1 (including)	1.0.1 (including)
Wordpress	Wordpress	1.0.2 (including)	1.0.2 (including)
Wordpress	Wordpress	1.2 (including)	1.2 (including)
Wordpress	Wordpress	1.5 (including)	1.5 (including)
Wordpress	Wordpress	1.5.1 (including)	1.5.1 (including)
Wordpress	Wordpress	1.5.1.2 (including)	1.5.1.2 (including)

References

http://marc.info/?l=bugtraq\u0026m=112006967221438\u0026w=2
http://secunia.com/advisories/15831
http://www.gulftech.org/?node=research\u0026article_id=00085-06282005
http://marc.info/?l=bugtraq\u0026m=112006967221438\u0026w=2
http://secunia.com/advisories/15831
http://www.gulftech.org/?node=research\u0026article_id=00085-06282005

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2107
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html