SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-03-26T20:00:00
Updated: 2017-09-18T12:57:01
Reserved: 2010-03-26T00:00:00
Link: CVE-2009-4748
JSON object: View
NVD Information
Status : Modified
Published: 2010-03-26T20:30:00.610
Modified: 2017-09-19T01:30:03.533
Link: CVE-2009-4748
JSON object: View
Redhat Information
No data.
CWE