Description

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.

Remediation

References

CVE-2005-2108

Related Vulnerabilities

Joomla! Core 4.x.x Multiple Vulnerabilities (4.0.0 - 4.2.3)

MySQL CVE-2022-21316 Vulnerability (CVE-2022-21316)

WordPress Plugin Book appointment online Cross-Site Scripting (1.38)

WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Cross-Site Scripting (16.24.47)

WordPress Plugin WordPress Popular Posts Cross-Site Scripting (3.3.2)

Severity

High

Classification

CVE-2005-2108

Tags

Missing Update Known Vulnerabilities