In the post to Bugtraq on 27th August 2005 subject "Multiple CMS/Forum Vulnablilties" [sic] from jbiaso at gmail, the following claim is made:
next; wordpress blog sql injection ---
This will give the administrator hash for the wordpress blog/CMS. We
have also found that if you spoof you're browser to something like:
<?php phpinfo(); ?>, and have a failed login attempt; it is eval'd,
and you can execute your own code.
This looks like it would be register_globals dependent, and I haven't been able to reproduce either of these issues on my WP 1.5.2 installation where register_globals is disabled, but I'd appreciate a definitive response -- even better if it's posted to Bugtraq for the sake of the record.
Apologies if this has already been asked, it can be difficult to find anything specific on this forum, and it's really poor that 'security' is not shown amongst the tags on the main page.