WordPress · Wordpress · CVE-2007-3140
Name of the Vulnerable Software and Affected Versions:
WordPress version 2.2
Description:
A SQL injection issue exists, allowing remote authenticated users to execute arbitrary SQL commands. This is achieved via a parameter value in an XML RPC `wp.suggestCategories` method call.
Recommendations:
For WordPress version 2.2, update to a version that contains a fix for this issue to prevent SQL injection attacks.