Vulnerability Name:

CVE-2007-4153 (CCN-35720)

Assigned:2007-07-31
Published:2007-07-31
Updated:2017-07-29
Summary:Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php.
Note: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability.
CVSS v3 Severity:2.6 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N)
1.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
2.1 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:N/A:N)
1.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:N/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Athentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MISC
Type: UNKNOWN
http://codex.wordpress.org/Roles_and_Capabilities

Source: MITRE
Type: CNA
CVE-2007-4153

Source: CCN
Type: mybeNi websecurity blog: July 31st, 2007
6. Wordpress /link-import.php XSS Vulnerability

Source: MISC
Type: Exploit
http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/

Source: OSVDB
Type: UNKNOWN
46994

Source: OSVDB
Type: UNKNOWN
46995

Source: SECUNIA
Type: UNKNOWN
30013

Source: CCN
Type: Wordpress trac Ticket #4691
Wordpress link-import.php Cross-Site Scripting (XSS) Vulnerability

Source: DEBIAN
Type: UNKNOWN
DSA-1564

Source: DEBIAN
Type: DSA-1564
wordpress -- multiple vulnerabilities

Source: CCN
Type: OSVDB ID: 46994
WordPress Admin Panel options.php Options Database Table XSS

Source: CCN
Type: OSVDB ID: 46995
WordPress Admin Panel link-import.php opml_url Parameter XSS

Source: CCN
Type: BID-25161
WordPress Multiple Input Validation Vulnerabilities

Source: XF
Type: UNKNOWN
wordpress-linkimport-xss(35720)

Source: XF
Type: UNKNOWN
wordpress-linkimport-xss(35720)

Source: XF
Type: UNKNOWN
wordpress-options-xss(35722)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:wordpress:wordpress:2.2.1:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2007-4153 (CCN-35722)

    Assigned:2007-07-31
    Published:2007-07-31
    Updated:2007-07-31
    Summary:WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the options.php script. An authenticated remote attacker with Admin privileges or the _wpnonce Authentication Token could exploit this vulnerability using the Admin Panel to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
    CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): Low
    User Interaction (UI): Required
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): None
    CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N)
    1.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    3.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N)
    3.1 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N/E:H/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Athentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-2007-4153

    Source: CCN
    Type: mybeNi websecurity blog: July 31st, 2007
    Wordpress /options.php Persistant XSS Vulnerability

    Source: CCN
    Type: Wordpress trac Ticket #4690
    Wordpress options.php SQL Injection Vulnerability

    Source: DEBIAN
    Type: DSA-1564
    wordpress -- multiple vulnerabilities

    Source: CCN
    Type: OSVDB ID: 46994
    WordPress Admin Panel options.php Options Database Table XSS

    Source: CCN
    Type: OSVDB ID: 46995
    WordPress Admin Panel link-import.php opml_url Parameter XSS

    Source: CCN
    Type: BID-25161
    WordPress Multiple Input Validation Vulnerabilities

    Source: XF
    Type: UNKNOWN
    wordpress-options-xss(35722)

    Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:wordpress:wordpress:2.2.1:-:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:7845
    P
    		DSA-1564 wordpress -- multiple vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:18483
    P
    		DSA-1564-1 wordpress - several vulnerabilities
    2014-06-23
    oval:org.debian:def:1564
    V
    		multiple vulnerabilities
    2008-05-01
    BACK
    wordpress wordpress 2.2.1
    wordpress wordpress 2.2.1 -
    debian debian linux 4.0