CVE-2014-5389

Currently unrated

Key Information:

Vendor: Wordpress
Status: Content Audit
Vendor: CVE Published:; 6 October 2014

Summary

SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "Audited content types" option in the content-audit page to wp-admin/options-general.php.

References

http://packetstormsecurity.com/files/128525/WordPress-Con...

x_refsource_MISC

http://www.securityfocus.com/bid/70214

vdb-entryx_refsource_BID

https://security.dxw.com/advisories/blind-sqli-vulnerabil...

x_refsource_MISC

Timeline

Vulnerability published
Oct 6, 2014
Vulnerability Reserved
Aug 22, 2014