Description
WordPress is prone to an SQL injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. WordPress version 2.0.5 is vulnerable; other versions may also be affected.
Remediation
Update to WordPress version 2.1 or latest
References
Related Vulnerabilities
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7484)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
Oracle Database Server CVE-2006-5339 Vulnerability (CVE-2006-5339)
Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999003)
WordPress Plugin Enable Media Replace Arbitrary File Upload (4.0.1)