CVE-2015-4018

🗓️ 21 May 2015 20:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 55 Views🌐 WEB

SQL injection vulnerability in FeedWordPress plugin before 2015.0514 for WordPress

Reporter	Title	Published	Views	Family All 14
0day.today	WordPress FeedWordPress Plugin - SQL Injection Vulnerability	20 May 201500:00	–	zdt
Circl	CVE-2015-4018	20 May 201500:00	–	circl
CNVD	Unspecified SQL Injection Vulnerability in WordPress Plugin FeedWordPress	19 May 201500:00	–	cnvd
Cvelist	CVE-2015-4018	21 May 201520:00	–	cvelist
Exploit DB	WordPress Plugin FeedWordPress 2015.0426 - SQL Injection	20 May 201500:00	–	exploitdb
EUVD	EUVD-2015-4047	7 Oct 202500:30	–	euvd
exploitpack	WordPress Plugin FeedWordPress 2015.0426 - SQL Injection	20 May 201500:00	–	exploitpack
NVD	CVE-2015-4018	21 May 201520:59	–	nvd
Packet Storm	WordPress FeedWordPress 2015.0426 SQL Injection	19 May 201500:00	–	packetstorm
Packet Storm	Wing FTP 4.4.6 Cross Site Request Forgery	5 Jun 201500:00	–	packetstorm

NVD

Node

feedwordpress_project feedwordpressRange≤2014.0805wordpress

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/131974/WordPress-FeedWordPress-2015.0426-SQL-Injection.html
wordpress	www.wordpress.org/plugins/feedwordpress/changelog/
seclists	www.seclists.org/fulldisclosure/2015/May/75
exploit-db	www.exploit-db.com/exploits/37067/

Parameter	Position	Path	Description	CWE
link_ids[]	request body	wordpress/wp-admin/admin.php?page=feedwordpress/syndication.php	Authenticated SQL injection via link_ids[] in FeedWordPress syndication Update action	CWE-89

06 May 2026 22:30Current

8.1High risk

Vulners AI Score8.1

CVSS 26.5

EPSS0.0251

cve-2015-4018 sql injection feedwordpress vulnerability wordpress nvd