Description

The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors.

Remediation

References

CVE-2008-0664

Related Vulnerabilities

MySQL CVE-2018-3123 Vulnerability (CVE-2018-3123)

Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19926)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2018-12022)

WordPress Plugin Verification Code for Comments Multiple Cross-Site Scripting Vulnerabilities (2.1.0)

Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2)

Severity

Medium

Classification

CVE-2008-0664 CWE-264

Tags

Missing Update Known Vulnerabilities