WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Tradetracker-Store has a SQL injection vulnerability, which stems from the fact that the test parameters of the xmlfeed in the plugin are not sanitized, escaped or validated before being inserted into the SQL statement, which can be exploited by an attacker to obtain sensitive database information.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress tradetracker-store | lt | 4.6.60 |