2 matches found
CVE-2016-10947
The CVE-2016-10947 issue affects the WordPress Post Indexer plugin (versions prior to 3.0.6.2). Root cause: SQL injection via the period parameter by a super admin due to insufficient input validation in the plugin’s database queries. Impact: allows unauthorized access to read/alter data in the d...
CVE-2016-10948
CVE-2016-10948 concerns the WordPress Post Indexer plugin, affected when using versions before 3.0.6.2. The root cause is the plugin’s incorrect handling of data passed to the unserialize function, as stated in multiple sources. Public details in the provided documents are limited to this flaw; n...