Max CVSS 6.8 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-1732 3.5
Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is u
07-08-2024 - 13:15 28-03-2007 - 20:19
CVE-2007-1409 5.0
WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message.
16-10-2018 - 16:38 10-03-2007 - 22:19
CVE-2007-1244 6.8
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue
16-10-2018 - 16:37 03-03-2007 - 19:19
CVE-2007-1230 5.8
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/functions.php in WordPress before 2.1.2-alpha allow remote attackers to inject arbitrary web script or HTML via (1) the Referer HTTP header or (2) the URI, a different vulnerability t
08-03-2011 - 02:51 02-03-2007 - 22:19
CVE-2007-1049 4.3
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML vi
08-03-2011 - 02:51 21-02-2007 - 17:28
Back to Top Mark selected
Back to Top