3 matches found
CVE-2007-3543
CVE-2007-3543 involves an Unrestricted file upload vulnerability in WordPress up to version 2.2.1 and WordPress MU up to 1.2.3. The flaw allows a remote authenticated user to upload and execute arbitrary PHP code by creating a post with a .php filename in the _wp_attached_file metadata field and ...
CVE-2007-3544
CVE-2007-3544 describes an unrestricted file upload in WordPress 2.2.1 and WordPress MU 1.2.3 affecting (1) wp-app.php and (2) app.php. The issue allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, with possible linkage to the wp_postmeta table and ...
CVE-2007-4544
CVE-2007-4544 is a cross-site scripting (XSS) vulnerability affecting WordPress MU (multi-user)