2 matches found
CVE-2015-1000011
Blind SQL Injection in wordpress plugin dukapress v2.5.9...
CVE-2015-1000011
CVE-2015-1000011 affects WordPress via the DukaPress plugin up to version 2.5.9. The root cause is an unsafely handled user input in dukapress/download.php where $_GET['id'] is not sanitized before being passed to a database query, enabling a blind SQL injection. This allows unauthenticated, remo...