CVE-2014-2839

Currently unrated

Key Information:

Vendor: Wordpress
Status: Gd Star Rating
Vendor: CVE Published:; 12 January 2015

Summary

SQL injection vulnerability in the GD Star Rating plugin 19.22 for WordPress allows remote administrators to execute arbitrary SQL commands via the s parameter in the gd-star-rating-stats page to wp-admin/admin.php.

References

https://advisories.dxw.com/advisories/csrf-and-blind-sql-...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/92156

vdb-entryx_refsource_XF

http://seclists.org/fulldisclosure/2014/Mar/399

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Jan 12, 2015
Vulnerability Reserved
Apr 10, 2014