Avereha

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 3.0.2 **Description** The issue allows remote attackers to bypass intended spam restrictions by crafting a URL that triggers a substring match, effectively circumventing the trackbacks and pingbacks whitelist in the blogroll. **Recommendations** For versions prior to 3.0.2, update to version 3.0.2 or later to resolve the issue.