CVE-2015-4614 in Easy2Map Plugin
Summary
Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin before 1.2.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the mapName parameter in an e2m_img_save_map_name action to wp-admin/admin-ajax.php and other unspecified vectors.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Reservation
06/16/2015
Disclosure
07/08/2015
Status
Confirmed
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 76337 | Easy2Map Plugin Function.php sql injection | 89 | Proof-of-Concept | Official fix | CVE-2015-4614 |