CVE-2007-2714 – Akismet Spam Protection < 2.0.2 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2007-2714

14 May 2007 — Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet before 2.0.2, a WordPress plugin, has unknown impact and attack vectors. Vulnerabilidad no especificada en akismet.php de Matt Mullenweg Akismet anterior a 2.0.2, una extensión (plugin) de WordPress, tiene impacto y vectores de ataque desconocidos. The Akismet Spam Protection plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the _wp_http_referer’ parameter in versions before 2.0.2 due to insufficient input sanitization an... • https://www.exploit-db.com/exploits/30036 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •