Sql injection

2012-10-0915:55:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.6%

JSON

SQL injection vulnerability in the Pay With Tweet plugin before 1.2 for WordPress allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the id parameter in a paywithtweet shortcode.

CPENameOperatorVersion
pay-with-tweetle1.1

CPE	Name	Operator	Version
	pay-with-tweet	le	1.1

References

secunia.com/advisories/47475

wordpress.org/extend/plugins/pay-with-tweet/changelog/

www.osvdb.org/78204

www.securityfocus.com/bid/51308

exchange.xforce.ibmcloud.com/vulnerabilities/72165

www.exploit-db.com/exploits/18330