CVE-2014-3961

2014-06-04T14:55:00
ID CVE-2014-3961
Type cve
Reporter cve@mitre.org
Modified 2014-06-05T14:48:00

Description

SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/.