Wordpress Security Vulnerabilities and Issues — Wordpress CVE List

Lucene search

WordpressWordpress

3 matches found

CVE•added 2007/08/03 8:17 p.m.•50 views

CVE-2007-4153

Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this m...

2.1CVSS5.3AI score0.00465EPSS

CVE•added 2007/08/03 8:17 p.m.•35 views

CVE-2007-4154

SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the page_options parameter to (1) options-general.php, (2) options-writing.php, (3) options-reading.php, (4) options-discussion.php, (5) options-privacy.php...

6.5CVSS7.8AI score0.00627EPSS

CVE•added 2007/08/03 10:17 a.m.•34 views

CVE-2007-4139

Cross-site scripting (XSS) vulnerability in the Temporary Uploads editing functionality (wp-admin/includes/upload.php) in WordPress 2.2.1, allows remote attackers to inject arbitrary web script or HTML via the style parameter to wp-admin/upload.php.

4.3CVSS5.6AI score0.00796EPSS