CVE-2013-0236

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2013-0236

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-0236.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2013-0236

Downstream

DEBIAN-CVE-2013-0236

Published

2013-07-08T20:55:00Z

Modified

2026-04-10T03:44:22.075480Z

Summary

[none]

Details

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the content of a post.

References

http://wordpress.org/news/2013/01/wordpress-3-5-1/
http://core.trac.wordpress.org/changeset/23322
http://core.trac.wordpress.org/changeset/23317
http://core.trac.wordpress.org/changeset/23322
https://bugzilla.redhat.com/show_bug.cgi?id=904121
http://codex.wordpress.org/Version_3.5.1

CVE-2013-0236

Affected packages