- Because of this vulnerability in vars.php, the attackers can spoof their IP address via a PC_REMOTE_ADDR HTTP header and include a remote file.
- Update the WordPress to the latest available version (at least 2.0.3).
Type Remote File Inclusion
- Name CVE-2006-2702
Fixed In 2.0.3
- Disclosure date