CVE-2014-5201
The CVE-2014-5201 entry involves the WordPress Gallery Objects plugin (version 0.4). The vulnerability is a SQL injection in the viewid parameter of the go_view_object action called via wp-admin/admin-ajax.php, allowing remote attackers to execute arbitrary SQL commands. The root cause is imprope...