WordPress · Wordpress · CVE-2010-5293
**Name of the Vulnerable Software and Affected Versions**
WordPress versions prior to 3.0.2
**Description**
The issue allows remote attackers to bypass intended spam restrictions by crafting a URL that triggers a substring match, effectively circumventing the trackbacks and pingbacks whitelist in the blogroll.
**Recommendations**
For versions prior to 3.0.2, update to version 3.0.2 or later to resolve the issue.