Description
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Remediation
References
Related Vulnerabilities
WordPress Plugin Side Cart Woocommerce (Ajax) Cross-Site Request Forgery (2.0)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5297)
WordPress Plugin BuddyPress Cross-Site Scripting (2.2.2.1)
IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2019-4156)