Title : WordPress "XML-RPC" Module Remote SQL Injection and Security Bypass Vulnerabilities VUPEN ID : VUPEN/ADV-2007-1245 CVE ID : CVE-2007-1893 - CVE-2007-1897
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2007-04-04
Technical Description
Multiple vulnerabilities have been identified in WordPress, which could be exploited by malicious users to bypass security restrictions or conduct SQL injection attacks.
The first issue is due to an input validation error in the "xmlrpc.php" script that does not validate user-supplied arguments before being used in SQL statements, which could be exploited by malicious users to execute arbitrary SQL queries.
The second issue is due to an access validation error in the "xmlrpc.php" script that does not validate user permissions, which could be exploited by malicious users with contributor privileges and without "publish_posts" permissions to publish certain posts.
