Lucene search
Pietro OlivaPATCHSTACK:F93BB85DB8939410C045BB1136E687CEHistoryOct 07, 2014 - 12:00 a.m.
WordPress BulletProof Security Plugin <= .51 - SQL Injection
2014-10-0700:00:00
Pietro Oliva
patchstack.com
5
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
This vulnerability is in admin/htaccess/bpsunlock.php. It allows remote authenticated users to execute arbitrary SQL commands via the “tableprefix” parameter.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bulletproof security | le | .51 |
Related
prion
prion
Sql injection
2014-11-06 15:55:00
cve
cve
CVE-2014-7959
2014-11-06 15:55:00
wpvulndb
wpvulndb
BulletProof Security <= .51 - Multiple Vulnerabilities (XSS & SSRF)
2014-11-05 00:00:00
securityvulns
securityvulns
Wordpress bulletproof-security <=.51 multiple vulnerabilities
2014-12-01 00:00:00
zdt
zdt
WordPress Bulletproof-Security .51 Multiple Vulnerabilities
2014-11-06 00:00:00
packetstorm
packetstorm
WordPress Bulletproof-Security .51 XSS / SQL Injection / SSRF
2014-11-05 00:00:00
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related for PATCHSTACK:F93BB85DB8939410C045BB1136E687CE