Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for WordPress allow remote authenticated users with Contributor privileges to execute arbitrary SQL commands via vectors related to (1) admin_functions.php or (2) admin_update.php, as demonstrated by the id parameter in the update action to wp-admin/admin.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:20:42
Updated: 2022-10-03T16:20:42
Reserved: 2022-10-03T00:00:00
Link: CVE-2014-5182
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-08-06T19:55:04.273
Modified: 2014-08-07T12:46:24.307
Link: CVE-2014-5182
JSON object: View
Redhat Information
No data.
CWE