ThreatPress

WordPress Vulnerabilities Database

WordPress Do_Trackbacks() Function - SQL Injection Vulnerability

Product
Do Trackbacks() Function
Description
The WordPress do_trackbacks() function is prone to an SQL injection vulnerability. It allows a remote attacker to execute an arbitrary SELECT SQL query, which can lead to disclosure of any information stored in the WordPress database.
Solution
Update WordPress. Also, you can disable trackbacks manually.
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.5
Fixed In 1.5.1
Disclosure date
2010-12-05
Credits
M4g