virus logo Intrusion Prevention

WordPress.Stored.XSS

description-logoDescription

This indicates an attack attempt against a Cross-Site Scripting vulnerability in WordPress.
The vulnerability is caused by an error when the vulnerable software handles a overlong comment. It allows a remote attacker to execute arbitrary javascript via a crafted http request.

affected-products-logoAffected Products

WordPress 4.2, 4.1.2, 4.1.1, 3.9.3

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://klikki.fi/adv/wordpress2.html https://www.exploit-db.com/exploits/36844/
ID 40500
Created May 07, 2015
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux
Affected App PHP_app