Wordpress : Security Vulnerabilities, CVEs, Published In 2010
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.
Max CVSS
6.0
EPSS Score
0.12%
Published
2010-12-07
Updated
2017-11-21
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
Max CVSS
4.0
EPSS Score
0.60%
Published
2010-02-23
Updated
2011-01-19
2 vulnerabilities found