CVE-2005-2107

2005-07-0504:00:00

[email protected]

web.nvd.nist.gov

cve-2005-2107

cross-site scripting

xss

wordpress 1.5.1.2

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

71.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.

Affected configurations

NVD

Node

wordpresswordpressMatch1.0

wordpresswordpressMatch1.0.1

wordpresswordpressMatch1.0.2

wordpresswordpressMatch1.2

wordpresswordpressMatch1.5

wordpresswordpressMatch1.5.1

wordpresswordpressMatch1.5.1.2

VendorProductVersionCPE
wordpresswordpress1.5.1.2cpe:/a:wordpress:wordpress:1.5.1.2:::
wordpresswordpress1.0.2cpe:/a:wordpress:wordpress:1.0.2:::
wordpresswordpress1.5cpe:/a:wordpress:wordpress:1.5:::
wordpresswordpress1.0cpe:/a:wordpress:wordpress:1.0:::
wordpresswordpress1.5.1cpe:/a:wordpress:wordpress:1.5.1:::
wordpresswordpress1.2cpe:/a:wordpress:wordpress:1.2:::
wordpresswordpress1.0.1cpe:/a:wordpress:wordpress:1.0.1:::

Vendor	Product	Version	CPE
wordpress	wordpress	1.5.1.2	cpe:/a:wordpress:wordpress:1.5.1.2:::
wordpress	wordpress	1.0.2	cpe:/a:wordpress:wordpress:1.0.2:::
wordpress	wordpress	1.5	cpe:/a:wordpress:wordpress:1.5:::
wordpress	wordpress	1.0	cpe:/a:wordpress:wordpress:1.0:::
wordpress	wordpress	1.5.1	cpe:/a:wordpress:wordpress:1.5.1:::
wordpress	wordpress	1.2	cpe:/a:wordpress:wordpress:1.2:::
wordpress	wordpress	1.0.1	cpe:/a:wordpress:wordpress:1.0.1:::