Max CVSS 10.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-3238 6.0
Cross-site scripting (XSS) vulnerability in functions.php in the default theme in WordPress 2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI) to wp-admin/themes.php, a different vuln
16-10-2018 - 16:47 15-06-2007 - 01:30
CVE-2007-2483 6.8
Directory traversal vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the wpPATH parameter. Success
16-10-2018 - 16:44 03-05-2007 - 17:19
CVE-2007-2627 6.8
Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that call get_sidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF), a different vulnerability than
16-10-2018 - 16:44 11-05-2007 - 17:19
CVE-2007-0973 6.8
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers, which are displayed without proper sanitiz
16-10-2018 - 16:35 16-02-2007 - 01:28
CVE-2007-4482 4.3
Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0.7 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).
15-10-2018 - 21:35 22-08-2007 - 23:17
CVE-2007-2828 6.0
Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php in the AdSense-Deluxe 0.x plugin for WordPress allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors.
29-07-2017 - 01:31 22-05-2007 - 21:30
CVE-2007-2714 10.0
Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet before 2.0.2, a WordPress plugin, has unknown impact and attack vectors.
29-07-2017 - 01:31 16-05-2007 - 10:19
CVE-2007-3544 6.5
Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta
08-09-2013 - 05:21 03-07-2007 - 20:30
CVE-2007-3543 6.0
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadat
15-11-2008 - 06:53 03-07-2007 - 20:30
CVE-2002-0384 7.5
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
10-09-2008 - 19:11 04-10-2002 - 04:00
Back to Top Mark selected
Back to Top