AI Score
Confidence
High
EPSS
Percentile
55.5%
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin’s author field, which is not properly handled during a Delete Plugin action.
codex.wordpress.org/Version_3.0.2
core.trac.wordpress.org/changeset/16373