Description
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.
Remediation
References
Related Vulnerabilities
WordPress Plugin New Year Firework Cross-Site Scripting (1.1.9)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3530)
WordPress Plugin Answer My Question Cross-Site Scripting (1.3)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477)
Wordpress Plugin Backup Migration CVE-2023-6553 Vulnerability (CVE-2023-6553)