CVE-2015-7235
CVE-2015-7235 affects the WordPress plugin CP Reservation Calendar (dex_reservations.php) prior to version 1.1.7. The flaw enables SQL injection via two vectors: (1) id parameter in a dex_reservations_calendar_load2 action, and (2) dex_item parameter in a dex_reservations_check_posted_data action...