CVE-2005-2108

Name of the Vulnerable Software and Affected Versions: WordPress versions 1.5.1.2 and earlier

Description: A SQL injection issue exists due to unfiltered input in the HTTP RAW POST DATA variable, allowing remote attackers to execute arbitrary SQL commands by manipulating the data stored in an XML file.

Recommendations: For WordPress versions 1.5.1.2 and earlier, update to a version later than 1.5.1.2 to resolve the issue. As a temporary workaround, consider restricting access to the XMLRPC server to minimize the risk of exploitation. Avoid using unfiltered input from the HTTP RAW POST DATA variable in the XML file until the issue is resolved.