Posted by Adrián M. F. on May 19
======================================================
SQLi in FeedWordPress WordPress plugin
======================================================
vendor: https://wordpress.org/plugins/feedwordpress/
active installs: 70,000+
vulnerable version: 2015.0426
fixed version: 2015.0514
CVE: CVE-2015-4018
Vulnerability
===============
(1) Authenticated SQLi [CWE-89]
-------------------------------
* CODE:
feedwordpresssyndicationpage.class.php:89…