- WordPress is prone to multiple unspecified security vulnerabilities. Very little information is available on this issue. One of these issues is related to plugins and may allow a remote user to bypass security restrictions. The impact of this will depend on the configuration of WordPress but may permit the execution of arbitrary PHP code. WordPress versions prior to 2.0.4 are vulnerable.
- Update to WordPress version 2.0.4 or latest
- Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.0)
- WordPress Plugin Slideshow Gallery 2 'border' Parameter Cross-Site Scripting (1.1.4)
- WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.17)
- WordPress Plugin WebLibrarian Multiple Unspecified Vulnerabilities (184.108.40.206)
- WordPress Plugin My Calendar Multiple Cross-Site Scripting Vulnerabilities (2.3.9)