CVE-2007-1894

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2007-1894
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2007-1894.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2007-1894
Downstream
Withdrawn
2026-01-27T04:08:56.045568Z
Published
2007-04-09T20:19:00Z
Modified
2026-01-27T04:08:56.045568Z
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wp_title function.

References

Affected packages