8.4 High
AI Score
Confidence
Low
0.037 Low
EPSS
Percentile
91.9%
SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.
buddypress.org/2012/03/buddypress-1-5-5/
osvdb.org/80763
seclists.org/bugtraq/2012/Apr/4
www.exploit-db.com/exploits/18690
www.openwall.com/lists/oss-security/2012/04/15/2
www.openwall.com/lists/oss-security/2012/04/16/10