CVE-2014-9305
CVE-2014-9305 affects the WordPress plugin Cart66 Lite (before 1.5.2). The vulnerability resides in the shortcod eProductsTable function in models/Cart66Ajax.php, enabling SQL injection through the id parameter of the shortcode_products_table action sent to wp-admin/admin-ajax.php. Consequences i...