CVE-2012-2109

2012-09-04T16:55:02
ID CVE-2012-2109
Type cve
Reporter NVD
Modified 2018-10-30T12:27:49

Description

SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.