DEBIAN-CVE-2007-4894

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2007-4894
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-4894.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2007-4894
Upstream
Published
2007-09-14T18:17:00Z
Modified
2025-11-19T02:02:47.169964Z
Summary
[none]
Details

Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters related to "early database escaping" and missing validation of "query string like parameters."

References

Affected packages

Debian:11 / wordpress

Package

Name
wordpress
Purl
pkg:deb/debian/wordpress?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.3-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-4894.json"

Debian:12 / wordpress

Package

Name
wordpress
Purl
pkg:deb/debian/wordpress?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.3-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-4894.json"

Debian:13 / wordpress

Package

Name
wordpress
Purl
pkg:deb/debian/wordpress?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.3-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-4894.json"

Debian:14 / wordpress

Package

Name
wordpress
Purl
pkg:deb/debian/wordpress?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.3-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-4894.json"