WordPress 2.5 - 3.3.1 XSS in swfupload

Affects WordPresses

3.3.1

fixed in version 3.3.2

3.3

fixed in version 3.3.2

3.2.1

fixed in version 3.3.2

3.2

fixed in version 3.3.2

3.1.4

fixed in version 3.3.2

3.1.3

fixed in version 3.3.2

3.1.2

fixed in version 3.3.2

3.1.1

fixed in version 3.3.2

3.1

fixed in version 3.3.2

3.0.6

fixed in version 3.3.2

3.0.5

fixed in version 3.3.2

3.0.4

fixed in version 3.3.2

3.0.3

fixed in version 3.3.2

3.0.2

fixed in version 3.3.2

3.0.1

fixed in version 3.3.2

3.0

fixed in version 3.3.2

2.9.2

fixed in version 3.3.2

2.9.1

fixed in version 3.3.2

2.9

fixed in version 3.3.2

2.8.6

fixed in version 3.3.2

2.8.5

fixed in version 3.3.2

2.8.4

fixed in version 3.3.2

2.8.3

fixed in version 3.3.2

2.8.2

fixed in version 3.3.2

2.8.1

fixed in version 3.3.2

2.8

fixed in version 3.3.2

2.7.1

fixed in version 3.3.2

2.7

fixed in version 3.3.2

2.6.5

fixed in version 3.3.2

2.6.3

fixed in version 3.3.2

2.6.2

fixed in version 3.3.2

2.6.1

fixed in version 3.3.2

2.6

fixed in version 3.3.2

2.5.1

fixed in version 3.3.2

2.5

fixed in version 3.3.2

References

CVE	2012-2401
URL	http://seclists.org/fulldisclosure/2012/Nov/51

Classification

Type	XSS
OWASP Top 10	A7: Cross-Site Scripting (XSS)
CWE	CWE-79

Miscellaneous

Views	6787
Verified	No
WPVDB ID	5999

Timeline

Publicly Published	2012-04-20 (over 7 years ago)
Added	2014-08-01 (about 5 years ago)
Last Updated	2019-08-26 (about 2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner

WPScan WordPress Security Plugin