CVE-2007-6013
WordPress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
Date published : 2007-11-19
http://www.securityfocus.com/archive/1/483927/100/0/threaded