342 matches found
WordPress 'blog.header.php' Multiple Parameter SQL Injection
The version of WordPress running on the remote host is affected by multiple SQL injection vulnerabilities. An attacker can exploit these flaws to execute arbitrary database queries resulting in the disclosure of sensitive information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: From...
WordPress < 0.72 RC1 Multiple Vulnerabilities
It is possible to make the remote host include php files hosted on a third-party server using the WordPress CGI suite that is installed which is also vulnerable to a SQL injection attack. An attacker may use this flaw to inject arbitrary PHP code into the remote host and gain a shell with the...