cbcvebase.
CVE-2007-5710
published 2007-10-30

CVE-2007-5710: Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the…

PriorityP417low2.6CVSS 2.0
AVNACHAuNCNIPAN
EXPLOIT
EPSS
7.00%
93.4th percentile
Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianwordpress< wordpress 2.3.1-1 (bookworm)wordpress 2.3.1-1 (bookworm)
wordpresswordpress
wordpresswordpress>= 0 < 2.3.1-12.3.1-1
wordpresswordpress>= 0 < 2.3.1-12.3.1-1
wordpresswordpress>= 0 < 2.3.1-12.3.1-1
wordpresswordpress>= 0 < 2.3.1-12.3.1-1

CVSS provenance

nvdv2.02.6LOWAV:N/AC:H/Au:N/C:N/I:P/A:N
osv2.6LOW
vendor_debian2.6LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.