CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wordpress: >> Wordpress >> 2.1.1 Security Vulnerabilities

CVE-2007-1244

Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks and steal cookies via the post parameter.

CVSS Score

6.8

EPSS Score

0.08

Published

2007-03-03

Page 33

Vulnerabilities

Vulnerable Software

Wordpress: >> Wordpress >> 2.1.1 Security Vulnerabilities

Products

Pricing

Contact Us