Description
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.
Remediation
References
Related Vulnerabilities
Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-5500)
WordPress Plugin Podcast Channels Cross-Site Scripting (0.20)
WordPress Plugin Circles Gallery Cross-Site Scripting (1.0.10)
WordPress Plugin Xllentech English Islamic Calendar SQL Injection (2.6.7)
WordPress Plugin Tracking Code Manager Multiple Vulnerabilities (1.11.1)