NVD

Id
55789  
Name
CVE-2007-3639  
Description
WordPress before 2.2.2 allows remote attackers to redirect visitors to other websites and potentially obtain sensitive information via (1) the _wp_http_referer parameter to wp-pass.php, related to the wp_get_referer function in wp-includes/functions.php; and possibly other vectors related to (2) wp-includes/pluggable.php and (3) the wp_nonce_ays function in wp-includes/functions.php.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-07  
Published
2007-07-09  
Modified Date
2008-11-15  
Seq
2007-3639  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
283627 55789 CVE-2007-3639 2869  View
283628 55789 CVE-2007-3639 DSA-1564  View
283629 55789 CVE-2007-3639 20070705 Redirection Vulnerability in wp-pass.php, WordPress 2.2.1  View
283630 55789 CVE-2007-3639 wordpress-wppass-security-bypass(35272)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57148 JVNDB-2007-005840 WordPress における重要な情報を取得される脆弱性 WordPress は、以下に関する処理に不備があるため、重要な情報を取得される脆弱性が存在します。 CVE-2007-3639 26994 CVE-2007-3639 55789 4 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005840.html 2007-07-09 2012-12-20 View