EUVD-2015-4047

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

SQL injection in FeedWordPress plugin before 2015.0514 allows remote execution of SQL commands.

Reporter	Title	Published	Views	Family All 14
0day.today	WordPress FeedWordPress Plugin - SQL Injection Vulnerability	20 May 201500:00	–	zdt
Circl	CVE-2015-4018	20 May 201500:00	–	circl
CNVD	Unspecified SQL Injection Vulnerability in WordPress Plugin FeedWordPress	19 May 201500:00	–	cnvd
CVE	CVE-2015-4018	21 May 201520:00	–	cve
Cvelist	CVE-2015-4018	21 May 201520:00	–	cvelist
Exploit DB	WordPress Plugin FeedWordPress 2015.0426 - SQL Injection	20 May 201500:00	–	exploitdb
exploitpack	WordPress Plugin FeedWordPress 2015.0426 - SQL Injection	20 May 201500:00	–	exploitpack
NVD	CVE-2015-4018	21 May 201520:59	–	nvd
Packet Storm	WordPress FeedWordPress 2015.0426 SQL Injection	19 May 201500:00	–	packetstorm
Packet Storm	Wing FTP 4.4.6 Cross Site Request Forgery	5 Jun 201500:00	–	packetstorm

[
  {
    "enisaIdVendor": [
      {
        "id": "e795f638-12cf-3170-94aa-efcf46598622",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0b475217-7cc9-37ef-a0fd-dc88fce1a4c5",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2015-4018
wordpress	www.wordpress.org/plugins/feedwordpress/changelog/
exploit-db	www.exploit-db.com/exploits/37067/
seclists	www.seclists.org/fulldisclosure/2015/May/75
packetstormsecurity	www.packetstormsecurity.com/files/131974/WordPress-FeedWordPress-2015.0426-SQL-Injection.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 26.5

EPSS0.0251