SQL Injection Flaw in Content Audit Plugin for WordPress by WordPress
CVE-2014-5389

Currently unrated

Key Information:

Vendor

Wordpress
Status
Content Audit
Vendor
CVE Published:
6 October 2014

What is CVE-2014-5389?

An SQL injection vulnerability exists in the Content Audit plugin for WordPress, specifically in the content-audit-schedule.php file. This issue allows remote attackers to execute arbitrary SQL commands through the 'Audited content types' option in the content-audit page. If exploited, this vulnerability can enable attackers to manipulate the database, potentially leading to unauthorized access or data exfiltration.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://packetstormsecurity.com/files/128525/WordPress-Con...
x_refsource_MISC
http://www.securityfocus.com/bid/70214
vdb-entryx_refsource_BID
https://security.dxw.com/advisories/blind-sqli-vulnerabil...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.