Lucene search
Benjamin LimPATCHSTACK:8326C926C28A0F636DD39A9E0519C0B0HistoryJan 03, 2018 - 12:00 a.m.
WordPress Smart Google Code Inserter plugin <=3.4 - SQL injection (SQLi) vulnerability
2018-01-0300:00:00
Benjamin Lim
patchstack.com
3
0.008 Low
EPSS
Percentile
81.5%
SQL injection (SQLi) vulnerability found by Benjamin Lim in WordPress Smart Google Code Inserter plugin (versions <=3.4). Plugin function saveGoogleAdWords() function in smartgooglecode.php file passes unsanitized $_POST[“oId”] input into the SQL query.
Solution
Update the WordPress Smart Google Code Inserter plugin to the latest available version (at least version 3.5).
| CPE | Name | Operator | Version |
|---|---|---|---|
| smart google code inserter | le | 3.4 |
Related
wpvulndb
wpvulndb
Smart Google Code Inserter <= 3.4 - Unauthenticated SQL Injection
2018-01-01 00:00:00
nvd
nvd
CVE-2018-3811
2018-01-01 06:29:00
cvelist
cvelist
CVE-2018-3811
2018-01-01 06:00:00
prion
prion
Sql injection
2018-01-01 06:29:00
cve
cve
CVE-2018-3811
2018-01-01 06:29:00
zdt
zdt
exploitpack
exploitpack
openvas
openvas
WordPress Smart Google Code Inserter Plugin < 3.5 Multiple Vulnerabilities
2018-01-02 00:00:00
packetstorm
packetstorm
WordPress Smart Google Code Inserter SQL Injection
2018-01-03 00:00:00
exploitdb
exploitdb