2 matches found
WordPress WPML plugin SQL injection vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WPML is one of the multi-language plug-ins. A SQL injection vulnerability exists in versions of the WordPress WPML...
CVE-2015-2314
SQL injection vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed...