CVE-2014-10017
Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the 1 changeSort or 2 switch parameter in the uscesitemedit page to wp-admin/admin.php...