Unrated severityNVD Advisory· Published Oct 3, 2013· Updated Jun 16, 2026
CVE-2013-6010
CVE-2013-6010
Description
Cross-site scripting (XSS) vulnerability in the Comment Attachment plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Attachment field title."
Affected products
2- cpe:2.3:a:wearegumball:comment-attachment:1.0:*:*:*:*:*:*:*
- Range: <=1.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.