Vulnerabilities > Wordpress > Wordpress > 2.3.3

DATE CVE VULNERABILITY TITLE RISK
2008-07-18 CVE-2008-3233 Cross-Site Scripting vulnerability in Wordpress
Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
wordpress CWE-79
4.3
4.3
2008-05-21 CVE-2008-2392 Improper Input Validation vulnerability in Wordpress
Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.
network
low complexity
wordpress CWE-20
critical
 9.0
9.0