CVE-2007-1277

WordPress 2.1.1 - Remote Code Execution via Backdoor in Feed and Theme PHP Files


Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-1277. PoCs published by Ivan Fratric.

AI-analyzed exploit summary: This is a writeup describing a backdoor in WordPress 2.1.1 that allows remote code execution via a malicious parameter in feed.php. The vulnerability is limited to version 2.1.1 and was fixed in 2.1.2.

Description

WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote attackers to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-includes/feed.php, and (2) an untrusted passthru call in the iz parameter to wp-includes/theme.php.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Ivan Fratric · text · webapps · php
https://www.exploit-db.com/exploits/29701

This is a writeup describing a backdoor in WordPress 2.1.1 that allows remote code execution via a malicious parameter in feed.php. The vulnerability is limited to version 2.1.1 and was fixed in 2.1.2.

Classification
Writeup 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: WordPress 2.1.1
No auth needed
Prerequisites: WordPress 2.1.1 installation
devstral-2 · analyzed Feb 16, 2026
exploitdb WRITEUP VERIFIED
by Ivan Fratric · text · webapps · php
https://www.exploit-db.com/exploits/29702

This is a writeup describing a backdoor in WordPress 2.1.1 that allows remote code execution via a malicious parameter in theme.php. The vulnerability was introduced by a compromised source code release.

Classification
Writeup 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: WordPress 2.1.1
No auth needed
Prerequisites: WordPress 2.1.1 installation
devstral-2 · analyzed Feb 16, 2026

References (10)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/461794/100/0/threaded
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/214480
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32807
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32804
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22797
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0812
Vendor Advisory x_refsource_confirm
http://wordpress.org/development/2007/03/upgrade-212/
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/641456
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24374

Scores

EPSS 0.2701
EPSS Percentile 97.8%

Details

CWE CWE-20
Status published
Products (1)
wordpress/wordpress 2.1.1
Published Mar 05, 2007
Tracked Since Feb 18, 2026