CVE-2014-5201

2014-08-12T20:55:00
ID CVE-2014-5201
Type cve
Reporter cve@mitre.org
Modified 2015-09-08T17:53:00

Description

SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the viewid parameter in a go_view_object action to wp-admin/admin-ajax.php.