CVE-2010-5295 Information
Share on:
Feb 14, 2021
cve
Description
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin’s author field which is not properly handled during a Delete Plugin action.
Reference
http://codex.wordpress.org/Version_3.0.2 https://core.trac.wordpress.org/changeset/16373