CVE-2015-4064 in Landing Pages Plugininfo

Summary

SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post parameter in an edit delete-variation action to wp-admin/post.php.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/22/2015

Disclosure

05/27/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
75576	Landing Pages Plugin module.ab-testing.php sql injection	89	Proof-of-Concept	Official fix	CVE-2015-4064

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!