Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-3238 | 6.0 |
Cross-site scripting (XSS) vulnerability in functions.php in the default theme in WordPress 2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI) to wp-admin/themes.php, a different vuln
|
16-10-2018 - 16:47 | 15-06-2007 - 01:30 | |
CVE-2007-2483 | 6.8 |
Directory traversal vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the wpPATH parameter. Success
|
16-10-2018 - 16:44 | 03-05-2007 - 17:19 | |
CVE-2007-2627 | 6.8 |
Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that call get_sidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF), a different vulnerability than
|
16-10-2018 - 16:44 | 11-05-2007 - 17:19 | |
CVE-2007-0973 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers, which are displayed without proper sanitiz
|
16-10-2018 - 16:35 | 16-02-2007 - 01:28 | |
CVE-2007-4482 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0.7 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).
|
15-10-2018 - 21:35 | 22-08-2007 - 23:17 | |
CVE-2007-2828 | 6.0 |
Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php in the AdSense-Deluxe 0.x plugin for WordPress allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors.
|
29-07-2017 - 01:31 | 22-05-2007 - 21:30 | |
CVE-2007-2714 | 10.0 |
Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet before 2.0.2, a WordPress plugin, has unknown impact and attack vectors.
|
29-07-2017 - 01:31 | 16-05-2007 - 10:19 | |
CVE-2007-3544 | 6.5 |
Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta
|
08-09-2013 - 05:21 | 03-07-2007 - 20:30 | |
CVE-2007-3543 | 6.0 |
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadat
|
15-11-2008 - 06:53 | 03-07-2007 - 20:30 | |
CVE-2002-0384 | 7.5 |
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
|
10-09-2008 - 19:11 | 04-10-2002 - 04:00 |