3 matches found
CVE-2014-5389
Content Audit WordPress plugin (before 1.6.1) contains a blind SQL injection in content-audit-schedule.php. An attacker can modify the Audited content types option to inject SQL that runs, e.g., via daily wp-cron, potentially exfiltrating data (e.g., password hashes). Affected versions: ≤1.6.1; r...
WordPress Content Audit 1.6 Blind SQL Injection Vulnerability
WordPress Content Audit plugin version 1.6 suffers from a remote SQL injection vulnerability. Details ================ Software: Content Audit Version: 1.6 Homepage: http://wordpress.org/plugins/content-audit/ Advisory report:...
WordPress Content Audit 1.6 Blind SQL Injection
Details ================ Software: Content Audit Version: 1.6 Homepage: http://wordpress.org/plugins/content-audit/ Advisory report: https://security.dxw.com/advisories/blind-sqli-vulnerability-in-content-audit-could-allow-a-privileged-attacker-to-exfiltrate-password-hashes/ CVE: CVE-2014-5389...