CVE-2011-4671

Currently unrated

Key Information:

Vendor: Wordpress
Status: Adrotate
Vendor: CVE Published:; 2 December 2011

Summary

SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).

References

http://www.securityfocus.com/bid/50674

vdb-entryx_refsource_BID

http://secunia.com/advisories/46814

third-party-advisoryx_refsource_SECUNIA

http://downloads.wordpress.org/plugin/adrotate.3.6.8.zip

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 2, 2011
Vulnerability Reserved
Dec 2, 2011