CVE-2007-1622

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.

🔗 References (14)

cve@mitrehttp://secunia.com/advisories/24567
cve@mitrehttp://secunia.com/advisories/25108
cve@mitrehttp://sla.ckers.org/forum/read.php?2%2C7935#msg-8006
cve@mitrehttp://www.buayacorp.com/files/wordpress/wordpress-advisory.txt
cve@mitrehttp://www.debian.org/security/2007/dsa-1285
cve@mitrehttp://www.securityfocus.com/bid/23027
cve@mitrehttp://www.vupen.com/english/advisories/2007/1005
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24567
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25108
af854a3a-2127-422b-91ae-364da2661108http://sla.ckers.org/forum/read.php?2%2C7935#msg-8006
af854a3a-2127-422b-91ae-364da2661108http://www.buayacorp.com/files/wordpress/wordpress-advisory.txt
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2007/dsa-1285
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23027
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1005

Is Your Infrastructure Affected by CVE-2007-1622?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1622

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1622?