Description
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Remediation
References
Related Vulnerabilities
WordPress Plugin Process Steps Template Designer Cross-Site Request Forgery (1.2.1)
Moodle Resource Management Errors Vulnerability (CVE-2015-2268)
PHP Other Vulnerability (CVE-2002-0986)
Nginx Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-1247)
WordPress Plugin WordPress Filter Gallery Cross-Site Scripting (0.1.5)