CVE-2012-5350

Currently unrated

Key Information:

Vendor: Wordpress
Status: Pay-with-tweet
Vendor: CVE Published:; 9 October 2012

Summary

SQL injection vulnerability in the Pay With Tweet plugin before 1.2 for WordPress allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the id parameter in a paywithtweet shortcode.

References

http://www.osvdb.org/78204

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/51308

vdb-entryx_refsource_BID

http://www.exploit-db.com/exploits/18330

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability published
Oct 9, 2012
Vulnerability Reserved
Oct 9, 2012