Skip to content
Saturday, December 6, 2025
Medium Published: Aug 27, 2007 Modified: Apr 09, 2025

CVE-2007-4544

4.3 CVSS SCORE
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Share:

Description

Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the weblog_id parameter (Username field).

CVSS Vector Details

Attack Vector Network
Attack Complexity M
Confidentiality None
Integrity P
Availability None

Affected Software Configurations

  • a wordpress wordpress_mu * * * * * * * *

Weaknesses (CWE)

  • CWE-352

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More
← Back to CVE Tracker