{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T13:36:35.530","vulnerabilities":[{"cve":{"id":"CVE-2008-0193","sourceIdentifier":"cve@mitre.org","published":"2008-01-10T00:46:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en wp-db-backup.php de WordPress 2.0.11 y anteriores, y posiblemente 2.1.x hasta 2.3.x, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante el parámetro backup en una acción wp-db-backup.php a wp-admin/edit.php."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","versionEndIncluding":"2.0.11","matchCriteriaId":"59250D63-6E6D-4A70-9053-2934E66EBE5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*","matchCriteriaId":"8A3624D4-E666-4A1B-B465-714ACBA0034C"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"7A7CBC45-320E-48CF-9A63-07DDE2FB61BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"266E32CD-66FB-4E19-8091-EC748B177D8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*","matchCriteriaId":"D3DD9120-2224-4612-A6EE-539F47BD50E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:*","matchCriteriaId":"14B0A9E4-9D09-4127-AF8B-4DA6D488E67C"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.1.3_rc2:*:*:*:*:*:*:*","matchCriteriaId":"E8C667FD-BA00-43B3-8313-5A24A2DFF55A"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*","matchCriteriaId":"5A9FBA02-8A6A-471F-92CD-D8E77B5061C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.2.0:*:*:*:*:*:*:*","matchCriteriaId":"A1D97C81-A053-4D73-BEA7-CBCB5FC0CC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*","matchCriteriaId":"1B5BC7E8-4C8A-4183-AB8C-1DAE12935387"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*","matchCriteriaId":"A0F9137B-D13F-488B-8196-85E06FAB682E"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*","matchCriteriaId":"82F257F4-CB62-4C6F-8866-AA253EC8C0C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.2_revision5002:*:*:*:*:*:*:*","matchCriteriaId":"8AC4F089-A606-4880-8C5D-24520B55CD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.2_revision5003:*:*:*:*:*:*:*","matchCriteriaId":"B4F6724F-AC94-4D6B-BEB7-EF4683FD1A07"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*","matchCriteriaId":"79AB6F6F-2FE3-4FC3-9009-D40EA852711F"}]}]}],"references":[{"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/29014","source":"cve@mitre.org"},{"url":"http://securityreason.com/securityalert/3539","source":"cve@mitre.org"},{"url":"http://securityvulns.ru/Sdocument755.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://websecurity.com.ua/1676/","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.debian.org/security/2008/dsa-1502","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/485786/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/27123","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/29014","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securityreason.com/securityalert/3539","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securityvulns.ru/Sdocument755.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://websecurity.com.ua/1676/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.debian.org/security/2008/dsa-1502","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/485786/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/27123","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}}]}