CVE-2012-2109

2012-09-04T16:55:02
ID CVE-2012-2109
Type cve
Reporter NVD
Modified 2012-09-05T00:00:00

Description

SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.