What is the severity of CVE-2008-0682?

CVE-2008-0682 is considered a high severity vulnerability due to its potential for remote exploitation through SQL injection.

How do I fix CVE-2008-0682?

To fix CVE-2008-0682, upgrade the Wordspew plugin to version 3.72 or later for WordPress.

What versions of Wordspew are affected by CVE-2008-0682?

CVE-2008-0682 impacts Wordspew plugin versions prior to 3.72, including 1.0 through 3.71.

What kind of attack does CVE-2008-0682 allow?

CVE-2008-0682 allows attackers to execute arbitrary SQL commands via the 'id' parameter.

Is CVE-2008-0682 a common vulnerability?

CVE-2008-0682 is recognized as a common SQL injection vulnerability affecting WordPress plugins.

Vulnerability/
CVE-2008-0682

high

7.5

CWE

12/2/2008

7/8/2024

CVE-2008-0682: SQL Injection

First published: Tue Feb 12 2008(Updated: )

SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
WordPress	=3.34
WordPress	=2.9
WordPress	=2.85
WordPress	=3.01
WordPress	=2.93
WordPress	=2.6
WordPress	=2.5
WordPress	=1.8
WordPress	=3.33
WordPress	=3.3
WordPress	=2.2
WordPress	=2.31
WordPress	<=3.71
WordPress	=3.7
WordPress	=3.51
WordPress	=1.6
WordPress	=2.7
WordPress	=3.15
WordPress	=2.1
WordPress	=2.32
WordPress	=2.3
WordPress	=2.91
WordPress	=3.31
WordPress	=2.94
WordPress	=3.021
WordPress	=3.6
WordPress	=3.2
WordPress	=2.8
WordPress	=3.02
WordPress	=2.92
WordPress	=3.0
WordPress	=2.0
WordPress	=3.16
WordPress	=3.32
WordPress	=3.022
WordPress	=2.95
WordPress	=3.1
WordPress	=1.7
WordPress	=3.52

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-0682?
CVE-2008-0682 is considered a high severity vulnerability due to its potential for remote exploitation through SQL injection.
How do I fix CVE-2008-0682?
To fix CVE-2008-0682, upgrade the Wordspew plugin to version 3.72 or later for WordPress.
What versions of Wordspew are affected by CVE-2008-0682?
CVE-2008-0682 impacts Wordspew plugin versions prior to 3.72, including 1.0 through 3.71.
What kind of attack does CVE-2008-0682 allow?
CVE-2008-0682 allows attackers to execute arbitrary SQL commands via the 'id' parameter.
Is CVE-2008-0682 a common vulnerability?
CVE-2008-0682 is recognized as a common SQL injection vulnerability affecting WordPress plugins.

agent/type
agent/references
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/wordpress
canonical/wordpress
version/wordpress/3.34
version/wordpress/2.9
version/wordpress/2.85
version/wordpress/3.01
version/wordpress/2.93
version/wordpress/2.6
version/wordpress/2.5
version/wordpress/1.8
version/wordpress/3.33
version/wordpress/3.3
version/wordpress/2.2
version/wordpress/2.31
version/wordpress/3.71
version/wordpress/3.7
version/wordpress/3.51
version/wordpress/1.6
version/wordpress/2.7
version/wordpress/3.15
version/wordpress/2.1
version/wordpress/2.32
version/wordpress/2.3
version/wordpress/2.91
version/wordpress/3.31
version/wordpress/2.94
version/wordpress/3.021
version/wordpress/3.6
version/wordpress/3.2
version/wordpress/2.8
version/wordpress/3.02
version/wordpress/2.92
version/wordpress/3.0
version/wordpress/2.0
version/wordpress/3.16
version/wordpress/3.32
version/wordpress/3.022
version/wordpress/2.95
version/wordpress/3.1
version/wordpress/1.7
version/wordpress/3.52