Description

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.

Remediation

References

CVE-2005-2612

Related Vulnerabilities

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.226)

WordPress Plugin WP Super Cache Cross-Site Scripting (1.4)

MySQL CVE-2018-3279 Vulnerability (CVE-2018-3279)

WordPress Plugin TheCartPress eCommerce Shopping Cart Order Information Security Bypass (1.1.9.2)

Django Resource Management Errors Vulnerability (CVE-2015-5145)

Severity

High

Classification

CVE-2005-2612

Tags

Missing Update Known Vulnerabilities