WP < 6.0.3 - CSRF in wp-trackback.php

Description There is no CSRF check in the wp-trackback.php which could allow attackers to make user perform unwanted actions via a CSRF attack...

CVE-2006-6540

SQL injection vulnerability in bt-trackback.php in Bluetrait before 1.2.0, when trackback is enabled, allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: some of these details are obtained from third party information...