CVE-2007-4153 - Vulnerability Details - OpenCVE

Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

Configuration 1 [-]

cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://codex.wordpress.org/Roles_and_Capabilities
http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/
http://osvdb.org/46994
http://osvdb.org/46995
http://secunia.com/advisories/30013
http://www.debian.org/security/2008/dsa-1564
https://exchange.xforce.ibmcloud.com/vulnerabilities/35720
https://exchange.xforce.ibmcloud.com/vulnerabilities/35722

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-03T20:00:00

Updated: 2024-08-07T14:46:39.363Z

Reserved: 2007-08-03T00:00:00

Link: CVE-2007-4153

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-08-03T20:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4153

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "wordpress-options-xss(35722)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35722"}, {"tags": ["x_refsource_MISC"], "url": "http://codex.wordpress.org/Roles_and_Capabilities"}, {"name": "30013", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30013"}, {"name": "wordpress-linkimport-xss(35720)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35720"}, {"name": "46995", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/46995"}, {"name": "DSA-1564", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1564"}, {"tags": ["x_refsource_MISC"], "url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/"}, {"name": "46994", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/46994"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4153", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "wordpress-options-xss(35722)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35722"}, {"name": "http://codex.wordpress.org/Roles_and_Capabilities", "refsource": "MISC", "url": "http://codex.wordpress.org/Roles_and_Capabilities"}, {"name": "30013", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30013"}, {"name": "wordpress-linkimport-xss(35720)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35720"}, {"name": "46995", "refsource": "OSVDB", "url": "http://osvdb.org/46995"}, {"name": "DSA-1564", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1564"}, {"name": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/", "refsource": "MISC", "url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/"}, {"name": "46994", "refsource": "OSVDB", "url": "http://osvdb.org/46994"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:46:39.363Z"}, "title": "CVE Program Container", "references": [{"name": "wordpress-options-xss(35722)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35722"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://codex.wordpress.org/Roles_and_Capabilities"}, {"name": "30013", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30013"}, {"name": "wordpress-linkimport-xss(35720)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35720"}, {"name": "46995", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/46995"}, {"name": "DSA-1564", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1564"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/"}, {"name": "46994", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/46994"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4153", "datePublished": "2007-08-03T20:00:00", "dateReserved": "2007-08-03T00:00:00", "dateUpdated": "2024-08-07T14:46:39.363Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1B5BC7E8-4C8A-4183-AB8C-1DAE12935387", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en WordPress 2.2.1 permiten a administradores autenticados remotamente inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de (2) la tabla Options de la base de datos en el Panel de Administraci\u00f3n, accedida a trav\u00e9s de options.php;o (2) el par\u00e1metro opml_url de link-import.php. NOTA: esto podr\u00eda no cruzar fronteras de privilegios en algunas configuraciones, puesto que el rol de Administrador tiene la capacidad unfiltered_html."}], "id": "CVE-2007-4153", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-08-03T20:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://codex.wordpress.org/Roles_and_Capabilities"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/46994"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/46995"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30013"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1564"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35720"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://codex.wordpress.org/Roles_and_Capabilities"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/46994"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/46995"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30013"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1564"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35720"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35722"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}