SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.
CPE | Name | Operator | Version |
---|---|---|---|
buddypress | eq | 1.5 | |
buddypress | eq | 1.5.1 | |
buddypress | eq | 1.5.2 | |
buddypress | eq | 1.5.3 | |
buddypress | eq | 1.5.3.1 | |
buddypress | eq | 1.5.4 |