CVE-2008-0206
10.01.2008, 00:46
Multiple cross-site scripting (XSS) vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) captcha_ttffolder, (2) captcha_numchars, (3) captcha_ttfrange, or (4) captcha_secret parameter.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
wordpress | captcha | 𝑥 ≤ 2.5d |
𝑥
= Vulnerable software versions
References