7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Because of this vulnerability in PEAR XML_RPC, attackers can execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.
Update the WordPress to the latest available version (at least 1.4).