Posted by Adrián M . F . on May 27
# Title: Multiple vulnerabilities in WordPress plugin “WordPress Landing
Pages”
# Author: Adrián M. F. – adrimf85[at]gmail[dot]com
# Date: 2015-05-25
# Vendor Homepage: https://wordpress.org/plugins/landing-pages/
# Active installs: 20,000+
# Vulnerable version: 1.8.4
# Fixed version: 1.8.5
# CVE: CVE-2015-4064, CVE-2015-4065
Vulnerabilities (2)
=====================
(1) Authenticated SQLi [CWE-89] (CVE-2015-4064)…