SQL Injection Vulnerability in BSK PDF Manager for WordPress
CVE-2014-4944

Currently unrated

Key Information:

Vendor: Wordpress
Status: Bsk PDF Manager
Vendor: CVE Published:; 14 July 2014

Summary

The BSK PDF Manager plugin for WordPress has multiple SQL injection vulnerabilities located in the inc/bsk-pdf-dashboard.php file. These vulnerabilities allow remote authenticated users to execute arbitrary SQL commands through the manipulation of the 'categoryid' or 'pdfid' parameters when accessing wp-admin/admin.php. Exploiting these vulnerabilities could lead to unauthorized database access and potential data compromise.

References

http://www.securityfocus.com/bid/68488

vdb-entryx_refsource_BID

http://packetstormsecurity.com/files/127407/WordPress-BSK...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 14, 2014