Vulnerabilities > Wordpress > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-17 | CVE-2005-2612 | Remote Security vulnerability in WordPress Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie. | 7.5 |
| 2005-07-05 | CVE-2005-2108 | SQL-Injection vulnerability in WordPress SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file. | 7.5 |
| 2005-06-01 | CVE-2005-1810 | SQL Injection vulnerability in Wordpress 1.5.1 SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php. | 7.5 |
| 2005-05-20 | CVE-2005-1687 | Unspecified vulnerability in Wordpress 1.5 SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. | 7.5 |