CVE-2007-3140

WordPress 2.2 - Authenticated SQL Injection via XML-RPC wp.suggestCategories Method

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3140. PoCs published by Slappter.

AI-analyzed exploit summary This exploit targets a SQL injection vulnerability in WordPress 2.2's xmlrpc.php via the wp_suggestCategories function. It leverages improper type handling of the $max_results parameter to extract user credentials (usernames and MD5 password hashes) from the database.

Description

SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows remote authenticated users to execute arbitrary SQL commands via a parameter value in an XML RPC wp.suggestCategories methodCall, a different vector than CVE-2007-1897.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Slappter · textwebappsphp
https://www.exploit-db.com/exploits/4039

This exploit targets a SQL injection vulnerability in WordPress 2.2's xmlrpc.php via the wp_suggestCategories function. It leverages improper type handling of the $max_results parameter to extract user credentials (usernames and MD5 password hashes) from the database.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: WordPress 2.2
Auth required
Prerequisites: Valid WordPress user account (even low-privileged) · Access to xmlrpc.php endpoint
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Vendor Advisory vendor-advisory x_refsource_openpkg
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.021.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4039
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25552
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2099
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36321
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34746
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24344

Scores

EPSS 0.0732
EPSS Percentile 93.7%

Details

Status published
Products (1)
wordpress/wordpress 2.2
Published Jun 08, 2007
Tracked Since Feb 18, 2026