CVE-2005-2612

WordPress <1.5.1.3 - Code Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-2612. PoCs published by Metasploit, including Metasploit module exploits/unix/webapp/wp_lastpost_exec.

AI-analyzed exploit summary This Metasploit module exploits a PHP code execution flaw in WordPress (CVE-2005-2612) by leveraging the 'register_globals' setting to inject malicious payloads via crafted cookie data. It targets versions prior to 1.5.1.3.

Description

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubywebappsphp

https://www.exploit-db.com/exploits/16895

View Code ZIP pw:eip

This Metasploit module exploits a PHP code execution flaw in WordPress (CVE-2005-2612) by leveraging the 'register_globals' setting to inject malicious payloads via crafted cookie data. It targets versions prior to 1.5.1.3.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WordPress < 1.5.1.3

No auth needed

Prerequisites: PHP 'register_globals' enabled · Target running vulnerable WordPress version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypocphp

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_lastpost_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a PHP code execution vulnerability in WordPress versions prior to 1.5.1.3 by leveraging the 'register_globals' setting. It constructs a malicious cookie payload to trigger arbitrary code execution via a chain of WordPress filter functions.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WordPress < 1.5.1.3

No auth needed

Prerequisites: PHP 'register_globals' enabled · Target running vulnerable WordPress version

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/16386

Exploit mailing-list x_refsource_fulldisc

http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0234.html

Scores

EPSS 0.7342

EPSS Percentile 98.8%

Details

Status published

Products (8)

wordpress/wordpress 1.0

wordpress/wordpress 1.0.1

wordpress/wordpress 1.0.2

wordpress/wordpress 1.2

wordpress/wordpress 1.5

wordpress/wordpress 1.5.1

wordpress/wordpress 1.5.1.2

wordpress/wordpress 1.5.1.3

Published Aug 17, 2005

Tracked Since Feb 18, 2026