Ubuntu.comUB:CVE-2007-1244CVE-2007-1244
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.058 Low
EPSS
Percentile
93.4%
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in
WordPress 2.1.1 and earlier allows remote attackers to perform privileged
actions as administrators, as demonstrated using the delete action in
wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site
scripting (XSS) attacks and steal cookies via the post parameter.
Related
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.058 Low
EPSS
Percentile
93.4%