CVE-2008-0691

CVE Database · CVE-2008-0691

CVE-2008-0691

· N/AModified

CVSS v3.1

N/A

EPSS

3.59%

Published

Feb 11, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBWordPress Plugin WP-Footnotes 2.2 - Multiple Remote Vulnerabilities TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php in the Simon Elvery WP-Footnotes 2.2 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) wp_footnotes_current_settings[priority], (2) wp_footnotes_current_settings[style_rules], (3) wp_footnotes_current_settings[pre_footnotes], and (4) wp_footnotes_current_settings[post_footnotes] parameters.

Weaknesses (CWE)

CWE-79

Affected Products (2)

simon_elvery · wp-footnotesvulnerable

wordpress · wp-footnotesvulnerable

References (10)

http://secunia.com/advisories/28772

http://securityreason.com/securityalert/3634

http://www.securityfocus.com/archive/1/487430/100/0/threaded

http://www.securityfocus.com/bid/27572

https://exchange.xforce.ibmcloud.com/vulnerabilities/40218

http://secunia.com/advisories/28772

http://securityreason.com/securityalert/3634

http://www.securityfocus.com/archive/1/487430/100/0/threaded

http://www.securityfocus.com/bid/27572

https://exchange.xforce.ibmcloud.com/vulnerabilities/40218

KEV Catalog EPSS Scores Vendors All CVEs