CVE-2007-1277

WordPress 2.1.1 - RCE

Description

WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote attackers to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-includes/feed.php, and (2) an untrusted passthru call in the iz parameter to wp-includes/theme.php.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Ivan Fratric · text · webapps · php
https://www.exploit-db.com/exploits/29701

exploitdb WRITEUP VERIFIED
by Ivan Fratric · text · webapps · php
https://www.exploit-db.com/exploits/29702

Scores

EPSS 0.8487
EPSS Percentile 99.4%

Details

CWE
CWE-20
Status published
Products (1)
wordpress/wordpress 2.1.1
Published Mar 05, 2007
Tracked Since Feb 18, 2026