Description

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.

Remediation

References

CVE-2005-2108

Related Vulnerabilities

WordPress Other Vulnerability (CVE-2007-1049)

WordPress Plugin Quizlord Cross-Site Scripting (2.0)

Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739)

WordPress Plugin WP Visitor Statistics (Real Time Traffic) Cross-Site Scripting (6.4)

Nginx Improper Encoding or Escaping of Output Vulnerability (CVE-2013-4547)

Severity

High

Classification

CVE-2005-2108

Tags

Missing Update Known Vulnerabilities