CVE-2015-2213 in WordPressinfo

Summary

SQL injection vulnerability in the wp_untrash_post_comments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/05/2015

Disclosure

11/09/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
76929	WordPress Widget hash_equals sql injection	89	Not defined	Official fix	CVE-2015-2213

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!