Description
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Mobile Detector Multiple Vulnerabilities (3.8)
e107 Other Vulnerability (CVE-2006-0682)
WordPress Plugin WP Media Cleaner Multiple Cross-Site Scripting Vulnerabilities (2.2.6)
MySQL Use After Free Vulnerability (CVE-2020-11656)
WordPress Plugin SEO Rank Reporter Cross-Site Scripting (2.2.2)