Published: 09/04/2007 Updated: 16/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress prior to 20070309 allows remote malicious users to inject arbitrary web script or HTML via the year parameter in the wp_title function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress 2.0.2
wordpress wordpress 2.0.3
wordpress wordpress 2.1.2
wordpress wordpress 2.2_revision5002
wordpress wordpress 2.0.4
wordpress wordpress 2.0.5
wordpress wordpress 2.0
wordpress wordpress 2.0.1
wordpress wordpress 2.1
wordpress wordpress 2.1.1
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7

CVE-2007-1622 Cross-site scripting (XSS) vulnerability in wp-admin/varsphp in WordPress before 2010 RC2, and before 213 RC2 in the 21 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression ...

NVD-CWE-Other http://chxsecurity.org/advisories/adv-1-mid.txt http://trac.wordpress.org/changeset/5003 http://trac.wordpress.org/ticket/4093 http://www.securityfocus.com/bid/22902 http://secunia.com/advisories/24485 http://www.debian.org/security/2007/dsa-1285 http://secunia.com/advisories/25108 http://securityreason.com/securityalert/2526 http://www.securityfocus.com/archive/1/462374/100/0/threaded https://nvd.nist.gov https://www.debian.org/security/./dsa-1285

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-1894

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect