1. Home
  2. CVEs with refmap.bugtraq==20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS
Max CVSS 10.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-6762 4.3
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
17-08-2017 - 01:29 28-04-2009 - 16:30
CVE-2008-6767 10.0
wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.
17-08-2017 - 01:29 28-04-2009 - 16:30
Back to Top Mark selected
Back to Top