WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The WordPress Hermit plugin 3.1.6 and previous versions are vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the id parameter. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress hermit plugin | le | 3.1.6 |