{"id":"CVE-2007-5106","details":"Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the user_login parameter.","modified":"2026-01-27T04:08:12.055372Z","published":"2007-09-26T22:17:00Z","withdrawn":"2026-01-27T04:08:12.055372Z","references":[{"type":"ARTICLE","url":"http://blogsecurity.net/wordpress/2-vanilla-xss-on-wordpress-wp-registerphp/"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/25769"},{"type":"WEB","url":"http://securityreason.com/securityalert/3175"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/480327/100/0/threaded"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36742"}],"schema_version":"1.7.3"}