2014-01-21 01:00:00
mitre
PUBLISHED
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugins author field, which is not properly handled during a Delete Plugin action.