Lucene search

K
patchstackJagriti Sahu AKA IncrediblePATCHSTACK:A69EDDD6BB2CB856554BAA2E9007AEEA
HistoryApr 01, 2015 - 12:00 a.m.

WordPress Business Intelligence Lite Plugin <= 1.6.1 - SQL Injection

2015-04-0100:00:00
Jagriti Sahu AKA Incredible
patchstack.com
4
wordpress
business intelligence
sql injection
vulnerability
update
plugin
software

This plugin is prone to an SQL injection vulnerability, because data is not filtering in GET parameter ’ t ', which in is file ‘view.php’.

Solution

           Update the plugin. 

Affected configurations

Vulners
Node
wpbusinessintelligencewp_business_intelligenceRange1.6.1litewordpress
VendorProductVersionCPE
wpbusinessintelligencewp_business_intelligence*cpe:2.3:a:wpbusinessintelligence:wp_business_intelligence:*:*:*:*:lite:wordpress:*:*