SQL Injection Vulnerability in ENL Newsletter Plugin for WordPress
CVE-2014-4939

Currently unrated

Key Information:

Vendor: Wordpress
Status: Enl-newsletter
Vendor: CVE Published:; 11 July 2014

What is CVE-2014-4939?

An SQL injection vulnerability exists in the ENL Newsletter plugin version 1.0.1 for WordPress, enabling remote authenticated administrators to execute arbitrary SQL commands through the id parameter on the enl-add-new page within the wp-admin/admin.php interface. This flaw poses significant security risks, allowing potential exploitation that can compromise database integrity and expose sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://codevigilant.com/disclosure/wp-plugin-enl-newslett...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 11, 2014

JSON

Wordpress

What is CVE-2014-4939?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.