FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- XMLRPC SQL Injection

Affected packages
de-wordpress < 2.2.1
wordpress < 2.2.1
zh-wordpress < 2.2.1

Details

VuXML ID 0838733d-1698-11dc-a197-0011098b2f36
Discovery 2007-06-06
Entry 2007-06-09
Modified 2007-06-24

Secunia reports:

Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks.

Input passed to the "wp.suggestCategories" method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation allows e.g. retrieving usernames and password hashes, but requires valid user credentials and knowledge of the database table prefix.

[source]

References

Bugtraq ID 24344
URL http://secunia.com/advisories/25552/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.