Lucene search
HistoryMay 27, 2015 - 6:59 p.m.
CVE-2015-4064
cve-2015-4064
sql injection
modules
ab testing
landing pages
wordpress
security vulnerability
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.1%
SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post parameter in an edit delete-variation action to wp-admin/post.php.
Affected configurations
Node
landing_pages_projectlanding_pagesRange≤1.8.4wordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| landing_pages_project:landing_pages | landing pages project landing pages | le | 1.8.4 |
Related
prion
prion
Sql injection
2015-05-27 18:59:00
nvd
nvd
CVE-2015-4064
2015-05-27 18:59:05
cvelist
cvelist
CVE-2015-4064
2015-05-27 18:00:00
patchstack
patchstack
WordPress Landing Pages Plugin <= 1.8.4 - SQL Injection
2015-05-22 00:00:00
packetstorm
packetstorm
WordPress Landing Pages 1.8.4 Cross Site Scripting / SQL Injection
2015-05-25 00:00:00
exploitpack
exploitpack
WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities
2015-05-26 00:00:00
wpvulndb
wpvulndb
WordPress Landing Pages <= 1.8.4 - XSS & SQL Injection
2015-05-25 00:00:00
zdt
zdt
exploitdb
exploitdb
WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities
2015-05-26 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.1%
Related for CVE-2015-4064