CVE-2015-9313
CVE-2015-9313: The WordPress plugin newstatpress (before 1.0.5) is affected by an SQL injection through an IMG element. The root cause is unsafe SQL construction in the plugin’s search path (nsp_search.php), enabling an attacker to potentially disclose data (PoC shows exfiltration of user hashes)...