First published: Thu Jan 10 2008(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) mcsp_opt_msg_no_answer or (2) mcsp_opt_msg_wrong_answer parameter to wp-admin/options-general.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Wordpress Math Comment Spam Protection Plugin | <=2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.