First published: Mon Apr 09 2007(Updated: )
SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WordPress WordPress | <=2.1.2 | |
WordPress WordPress | =2.1 | |
WordPress WordPress | =2.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.