CVE-2007-4166 Information

Description

Cross-site scripting (XSS) vulnerability in index.php in the Unnamed theme 1.217 and Special Edition (SE) 1.02 before 20070804 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter possibly a related issue to CVE-2007-2757 CVE-2007-4014 and CVE-2007-4165. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/36604 http://secunia.com/advisories/26321 http://www.securityfocus.com/bid/25215 http://xuyiyang.com/2007/06/29/unnamed-1-217/ https://exchange.xforce.ibmcloud.com/vulnerabilities/35821