CVE-2008-0664

The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:P/I:P/A:N
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
wordpresswordpress
0.7
wordpresswordpress
0.71
wordpresswordpress
1.2
wordpresswordpress
1.2.1
wordpresswordpress
1.2.2
wordpresswordpress
1.3.1
wordpresswordpress
1.5
wordpresswordpress
1.5.1
wordpresswordpress
1.5.1.2
wordpresswordpress
1.5.1.3
wordpresswordpress
1.5.2
wordpresswordpress
2.0
wordpresswordpress
2.0.1
wordpresswordpress
2.0.2
wordpresswordpress
2.0.3
wordpresswordpress
2.0.4
wordpresswordpress
2.0.5
wordpresswordpress
2.0.6
wordpresswordpress
2.0.7
wordpresswordpress
2.0.10
wordpresswordpress
2.0.10_rc1
wordpresswordpress
2.0.10_rc2
wordpresswordpress
2.0.11
wordpresswordpress
2.1
wordpresswordpress
2.1.1
wordpresswordpress
2.1.2
wordpresswordpress
2.1.3
wordpresswordpress
2.1.3_rc1
wordpresswordpress
2.1.3_rc2
wordpresswordpress
2.2
wordpresswordpress
2.2.1
wordpresswordpress
2.2.2
wordpresswordpress
2.2.3
wordpresswordpress
2.2_revision5002
wordpresswordpress
2.2_revision5003
wordpresswordpress
2.3
wordpresswordpress
2.3.1
wordpresswordpress
2.3.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wordpress
bullseye (security)
5.7.11+dfsg1-0+deb11u1
fixed
bullseye
5.7.11+dfsg1-0+deb11u1
fixed
etch
not-affected
bookworm
6.1.6+dfsg1-0+deb12u1
fixed
bookworm (security)
6.1.6+dfsg1-0+deb12u1
fixed
sid
6.6.1+dfsg1-1
fixed
trixie
6.6.1+dfsg1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
wordpress
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
Fixed 2.2.2-1ubuntu1.3
released
feisty
ignored
edgy
ignored
dapper
ignored
Common Weakness Enumeration