Vulnerabilities > Wordpress

DATE	CVE	VULNERABILITY TITLE	RISK
2007-10-30	CVE-2007-5710	Cross-Site Scripting vulnerability in Wordpress 2.3 Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter. network high complexity wordpress CWE-79	2.6
2007-09-26	CVE-2007-5106	Cross-Site Scripting vulnerability in Wordpress 2.0 Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the user_login parameter. network wordpress CWE-79	4.3
2007-09-26	CVE-2007-5105	Cross-Site Scripting vulnerability in Wordpress 2.0/2.0.1 Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 and 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the user_email parameter. network wordpress CWE-79	4.3
2007-09-14	CVE-2007-4894	SQL Injection vulnerability in Wordpress Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters related to "early database escaping" and missing validation of "query string like parameters." network low complexity wordpress CWE-89	7.5
2007-09-14	CVE-2007-4893	Cross-Site Request Forgery (CSRF) vulnerability in Wordpress wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a does not properly verify the unfiltered_html privilege, which allows remote attackers to conduct cross-site scripting (XSS) attacks via modified data to (1) post.php or (2) page.php with a no_filter field. network wordpress CWE-352	4.3
2007-08-27	CVE-2007-4544	Cross-Site Request Forgery (CSRF) vulnerability in Wordpress MU Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the weblog_id parameter (Username field). network wordpress CWE-352	4.3
2007-08-22	CVE-2007-4483	Cross-Site Scripting vulnerability in Wordpress Wordpressclassic 1.5 Cross-site scripting (XSS) vulnerability in index.php in the WordPress Classic 1.5 theme in WordPress before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). network wordpress	4.3
2007-08-22	CVE-2007-4482	Cross-Site Scripting vulnerability in Wordpress Pool 1.0.7 Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0.7 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). network wordpress	4.3
2007-08-22	CVE-2007-4481	Cross-Site Scripting vulnerability in Blix Cross-site scripting (XSS) vulnerability in index.php in the (1) Blix 0.9.1 and (2) Blix 0.9.1 Rus themes for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). network wordpress	4.3
2007-08-22	CVE-2007-4480	Cross-Site Scripting vulnerability in Wordpress Sirius 1.0 Cross-site scripting (XSS) vulnerability in index.php in the Sirius 1.0 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). network wordpress	4.3

Vulnerabilities > Wordpress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wordpress"}]}

Vulnerabilities > Wordpress