CVE-2007-5229
published 2007-10-05

Priority: P4 (31)
Severity: medium, 6.4 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
EXPLOIT
EPSS: 4.90% (91.0th percentile)

Cross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress allows remote attackers to change settings and hijack blog feeds via a request to wp-admin/options-general.php that submits parameter values to FeedBurner_FeedSmith_Plugin.php, as demonstrated by the (1) feedburner_url and (2) feedburner_comments_url parameters.

Affected

1 range

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| feedburner | feedsmith | | |