Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.Referenceshttp://secunia.com/advisories/15831http://www.gulftech.org/?node=research&article_id=00085-06282005http://marc.info/?l=bugtraq&m=112006967221438&w=2
