Secunia has reported an “id” SQL injection vulnerability in the WordSpew plugin for WordPress. Here’s the description of the vulnerability:

DESCRIPTION: S@BUN has reported a vulnerability in the Wordspew plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the parameter “id” in wordspew-rss.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Read more about the vulnerability here.