SQL Injection Vulnerability in Contextual Related Posts Plugin for WordPress
CVE-2014-3937

Currently unrated

Key Information:

Vendor: Wordpress
Status: Contextual Related Posts
Vendor: CVE Published:; 2 June 2014

Summary

A SQL injection vulnerability exists in the Contextual Related Posts plugin for WordPress, specifically affecting versions prior to 1.8.10.2. This vulnerability allows remote attackers to execute arbitrary SQL commands, potentially leading to unauthorized access to sensitive data. The attack vector is unspecified, making it crucial for users to upgrade to the latest version to mitigate the risks. Regular updates and security patches are essential for maintaining the integrity and security of WordPress installations.

References

http://wordpress.org/plugins/contextual-related-posts/cha...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 2, 2014