Launchpad CVE tracker

CVE 2010-4257

SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.

Related bugs and status

CVE-2010-4257 (Candidate) is related to these bugs:

Bug #716641: CVE-2010-4257: SQL Injection from trackback functions

		In	Importance	Status
716641	CVE-2010-4257: SQL Injection from trackback functions	wordpress (Ubuntu)	Undecided	Fix Released
716641	CVE-2010-4257: SQL Injection from trackback functions	wordpress (Debian)	Unknown	Fix Released
716641	CVE-2010-4257: SQL Injection from trackback functions	wordpress (Fedora)	Medium	Fix Released
716641	CVE-2010-4257: SQL Injection from trackback functions	wordpress (Ubuntu Lucid)	Undecided	Fix Released
716641	CVE-2010-4257: SQL Injection from trackback functions	wordpress (Ubuntu Maverick)	Undecided	Fix Released
716641	CVE-2010-4257: SQL Injection from trackback functions	wordpress (Ubuntu Natty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-4257

References