CVE-2008-0664

Description

The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors.

How to fix CVE-2008-0664

To remediate CVE-2008-0664, upgrade the affected package to a fixed version below.

• Debian/wordpress—upgrade to 2.3.3-1 or later

Is CVE-2008-0664 being exploited?

Moderate — EPSS is 7.3%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 2.3.3-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-0664