CVE-2012-2109 in BuddyPress plugin
摘要
由 VulDB • 2026-06-04
WordPress的BuddyPress插件(版本在1.5.5之前的1.5.x系列)中,wp-load.php存在SQL注入漏洞。远程攻击者可通过activity_widget_filter动作中的page参数执行任意SQL命令。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.