Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the weblog_id parameter (Username field).
References
Configurations
Information
Published : 2007-08-27 16:17
Updated : 2018-10-15 14:36
NVD link : CVE-2007-4544
Mitre link : CVE-2007-4544
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
wordpress
- wordpress_mu