CVE-2004-1559

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2004-1559

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2004-1559.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2004-1559

Downstream

DEBIAN-CVE-2004-1559

Published

2004-12-31T05:00:00Z

Modified

2026-04-10T03:36:41.150855Z

Summary

[none]

Details

Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirectto, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirecturl parameter to admin-header.php, (3) popuptitle, popupurl, content, or posttitle parameters to bookmarklet.php, (4) catID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php.

References

http://secunia.com/advisories/12683
http://secunia.com/advisories/12683
http://www.securityfocus.com/bid/11268
http://www.securityfocus.com/bid/11268
http://marc.info/?l=bugtraq&m=109641484723194&w=2
http://securitytracker.com/id?1011440
https://exchange.xforce.ibmcloud.com/vulnerabilities/17532

CVE-2004-1559

Affected packages