CVE-2007-1732
https://notcve.org/view.php?id=CVE-2007-1732
Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: another researcher disputes this issue, stating that this is legitimate functionality for administrators. However, it has been patched by at least one vendor ** IMPUGNADO ** Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en una importación mt en wp-admin/admin.php en WordPress 2.1.2 permite a administradores remotos validados inyectar secuencias de comandos web o HTML a través del parámetro demo. NOTA: la procedencia de esta información es desconocida; los detalles han sido obtenidos a partir de la información de terceros. • http://codex.wordpress.org/Roles_and_Capabilities http://marc.info/?l=bugtraq&m=117319839710382&w=2 http://osvdb.org/33884 http://secunia.com/advisories/24430 http://secunia.com/advisories/24566 http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-1622 – WordPress Core <= 2.1.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1622
Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en wp-admin/vars.php en WordPress anterior a 2.0.10 RC2, y anterior a 2.1.3 RC2 en las series 2.1, permite a usuarios remotos validados con privlegios de tema inyectar secuencias de comandos web o HTML a través de PATH_INFO en la interfaz de administrador, relacionado con el proceso regular el flujo de la expresión de PHP_SELF. • https://www.exploit-db.com/exploits/29754 http://secunia.com/advisories/24567 http://secunia.com/advisories/25108 http://sla.ckers.org/forum/read.php?2%2C7935#msg-8006 http://www.buayacorp.com/files/wordpress/wordpress-advisory.txt http://www.debian.org/security/2007/dsa-1285 http://www.securityfocus.com/bid/23027 http://www.vupen.com/english/advisories/2007/1005 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-1599 – WordPress Core < 2.0.10 - Open Redirect
https://notcve.org/view.php?id=CVE-2007-1599
wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter. wp-login.php de WordPress permite a atacantes remotos redirigir a usuarios autenticados a otros sitios web y potencialmente obtener información confidencial a través del parámetro redirect_to. • http://secunia.com/advisories/30960 http://www.debian.org/security/2008/dsa-1601 http://www.metaeye.org/advisories/40 http://www.securityfocus.com/archive/1/463291/100/0/threaded • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2007-1409
https://notcve.org/view.php?id=CVE-2007-1409
WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message. WordPress permite a atacantes remotos obtener información sensible mediante una petición directa al wp-admin/admin-functions.php, que muestra la ruta (path) en un mensaje de error. • http://secunia.com/advisories/24566 http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml http://www.securityfocus.com/archive/1/462230/100/0/threaded http://www.securityfocus.com/archive/1/462249/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/32881 •
CVE-2007-1277 – WordPress Core 2.2.1 - Backdoor
https://notcve.org/view.php?id=CVE-2007-1277
WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote attackers to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-includes/feed.php, and (2) an untrusted passthru call in the iz parameter to wp-includes/theme.php. WordPress 2.1.1, descargado desde algunos sitios de distribución oficial durante febrero y marzo de 2007, contiene una puerta trasera introducida externamente que permite a atacantes remotos ejecutar comandos de su elección mediante (1) una vulnerabilidad de inyección en eval en el parámetro ix de wp-includes/feed.php, y (2) una llamada a passthru no confiable en el parámetro iz de wp-includes/theme.php. • https://www.exploit-db.com/exploits/29702 https://www.exploit-db.com/exploits/29701 http://ifsec.blogspot.com/2007/03/wordpress-code-compromised-to-enable.html http://secunia.com/advisories/24374 http://wordpress.org/development/2007/03/upgrade-212 http://www.kb.cert.org/vuls/id/214480 http://www.kb.cert.org/vuls/id/641456 http://www.securityfocus.com/archive/1/461794/100/0/threaded http://www.securityfocus.com/bid/22797 http://www.vupen.com/english/advisories • CWE-20: Improper Input Validation CWE-506: Embedded Malicious Code •