SQL Injection Vulnerability in GD Star Rating Plugin for WordPress
CVE-2014-2839

Currently unrated

Key Information:

Vendor

Wordpress
Status
Gd Star Rating
Vendor
CVE Published:
12 January 2015

What is CVE-2014-2839?

The GD Star Rating plugin version 19.22 for WordPress contains a SQL injection vulnerability that may allow remote administrators to execute unintended SQL commands. This security flaw occurs via the 's' parameter on the gd-star-rating-stats page, located in wp-admin/admin.php. Attackers leveraging this vulnerability could manipulate database queries, potentially leading to unauthorized data access or manipulation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://advisories.dxw.com/advisories/csrf-and-blind-sql-...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/92156
vdb-entryx_refsource_XF
http://seclists.org/fulldisclosure/2014/Mar/399
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.