SQL Injection Vulnerability in WPTouch Plugin for WordPress
CVE-2011-4803

Currently unrated

Key Information:

Vendor: Wordpress
Status: WPtouch
Vendor: CVE Published:; 14 December 2011

Summary

The WPTouch plugin for WordPress contains an SQL injection vulnerability in the wptouch/ajax.php file that allows remote attackers to execute arbitrary SQL statements through the 'id' parameter. This flaw can potentially lead to unauthorized access to the database and exploitation of sensitive data, making it essential for site administrators to apply patches or workarounds to secure their installations.

References

http://www.exploit-db.com/exploits/18039

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 14, 2011