WordPress 2.5 - 3.3.1 XSS in swfupload

Affects WordPresses

3.3.1

fixed in version 3.3.2

3.3

fixed in version 3.3.2

3.2.1

fixed in version 3.3.2

3.2

fixed in version 3.3.2

3.1.4

fixed in version 3.3.2

3.1.3

fixed in version 3.3.2

3.1.2

fixed in version 3.3.2

3.1.1

fixed in version 3.3.2

3.1

fixed in version 3.3.2

3.0.6

fixed in version 3.3.2

3.0.5

fixed in version 3.3.2

3.0.4

fixed in version 3.3.2

3.0.3

fixed in version 3.3.2

3.0.2

fixed in version 3.3.2

3.0.1

fixed in version 3.3.2

3.0

fixed in version 3.3.2

2.9.2

fixed in version 3.3.2

2.9.1

fixed in version 3.3.2

2.9

fixed in version 3.3.2

2.8.6

fixed in version 3.3.2

2.8.5

fixed in version 3.3.2

2.8.4

fixed in version 3.3.2

2.8.3

fixed in version 3.3.2

2.8.2

fixed in version 3.3.2

2.8.1

fixed in version 3.3.2

2.8

fixed in version 3.3.2

2.7.1

fixed in version 3.3.2

2.7

fixed in version 3.3.2

2.6.5

fixed in version 3.3.2

2.6.3

fixed in version 3.3.2

2.6.2

fixed in version 3.3.2

2.6.1

fixed in version 3.3.2

2.6

fixed in version 3.3.2

2.5.1

fixed in version 3.3.2

2.5

fixed in version 3.3.2

References

URL	http://seclists.org/fulldisclosure/2012/Nov/51

Classification

Type	XSS
OWASP Top 10	A7: Cross-Site Scripting (XSS)
CWE	CWE-79

Miscellaneous

Views	6369
Verified	No
WPVDB ID	5999

Timeline

Publicly Published	2014-08-01 (about 5 years ago)
Added	2014-08-01 (about 5 years ago)
Last Updated	2018-08-29 (12 months ago)

Our Other Services

Online WordPress Vulnerability Scanner

WPScan WordPress Security Plugin