WordPress 4.5.x < 4.5.12 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - wp-admin/user-new.php sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access...

CVE-2007-1230

Multiple cross-site scripting XSS vulnerabilities in wp-includes/functions.php in WordPress before 2.1.2-alpha allow remote attackers to inject arbitrary web script or HTML via 1 the Referer HTTP header or 2 the URI, a different vulnerability than CVE-2007-1049...