CVE-2010-5293

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2010-5293

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2010-5293.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2010-5293

Downstream

DEBIAN-CVE-2010-5293

Published

2014-01-21T01:55:03Z

Modified

2026-04-10T03:41:34.339235Z

Summary

[none]

Details

wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafted URL, as demonstrated by a URL that triggers a substring match.

References

http://codex.wordpress.org/Version_3.0.2
https://core.trac.wordpress.org/changeset/16637
https://core.trac.wordpress.org/ticket/13887
http://codex.wordpress.org/Version_3.0.2
https://core.trac.wordpress.org/changeset/16637
https://core.trac.wordpress.org/ticket/13887

CVE-2010-5293

Affected packages