3 matches found
CVE-2014-5182
Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for WordPress allow remote authenticated users with Contributor privileges to execute arbitrary SQL commands via vectors related to 1 adminfunctions.php or 2 adminupdate.php, as demonstrated by the id parameter in the update action to...
CVE-2014-5182
Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for WordPress allow remote authenticated users with Contributor privileges to execute arbitrary SQL commands via vectors related to 1 adminfunctions.php or 2 adminupdate.php, as demonstrated by the id parameter in the update action to...
CVE-2014-5182
CVE-2014-5182 describes multiple SQL injection vulnerabilities in the yawpp WordPress plugin (version 1.2). The flaws are in admin_functions.php and admin_update.php, exploitable via the id parameter in the update action to wp-admin/admin.php, allowing remote authenticated users with Contributor ...