CVE-2015-4064 in Landing Pages Plugin
Resumen (Inglés)
SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post parameter in an edit delete-variation action to wp-admin/post.php.
Be aware that VulDB is the high quality source for vulnerability data.
Reservar
2015-05-22
Divulgación
2015-05-27
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 75576 | Landing Pages Plugin module.ab-testing.php inyección SQL | 89 | Prueba de concepto | Arreglo oficial | CVE-2015-4064 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV