| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1732 | 3.5 |
Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is u
|
07-08-2024 - 13:15 | 28-03-2007 - 20:19 | |
| CVE-2007-1409 | 5.0 |
WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message.
|
16-10-2018 - 16:38 | 10-03-2007 - 22:19 | |
| CVE-2007-1244 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue
|
16-10-2018 - 16:37 | 03-03-2007 - 19:19 | |
| CVE-2007-1230 | 5.8 |
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/functions.php in WordPress before 2.1.2-alpha allow remote attackers to inject arbitrary web script or HTML via (1) the Referer HTTP header or (2) the URI, a different vulnerability t
|
08-03-2011 - 02:51 | 02-03-2007 - 22:19 | |
| CVE-2007-1049 | 4.3 |
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML vi
|
08-03-2011 - 02:51 | 21-02-2007 - 17:28 |