CVE-2007-1732

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: another researcher disputes this issue, stating that this is legitimate functionality for administrators. However, it has been patched by at least one vendor

🔗 References (12)

cve@mitrehttp://codex.wordpress.org/Roles_and_Capabilities
cve@mitrehttp://marc.info/?l=bugtraq&m=117319839710382&w=2
cve@mitrehttp://osvdb.org/33884
cve@mitrehttp://secunia.com/advisories/24430
cve@mitrehttp://secunia.com/advisories/24566
cve@mitrehttp://www.gentoo.org/security/en/glsa/glsa-200703-23.xml
af854a3a-2127-422b-91ae-364da2661108http://codex.wordpress.org/Roles_and_Capabilities
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=117319839710382&w=2
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/33884
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24430
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24566
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml

Is Your Infrastructure Affected by CVE-2007-1732?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1732

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1732?