3 matches found
CVE-2011-5224
CVE-2011-5224 describes an SQL injection vulnerability in the WordPress Sentinel plugin, version 1.0.0. The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected software: Sentinel plugin for WordPress (1.0.0). Root cause: unsafeguarded SQL handling in ...
CVE-2011-5225
CVE-2011-5225 affects the WordPress Sentinel plugin (v1.0.0). The vulnerability is an XSS in wordpress_sentinel.php that allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Impact is reflected in the NVD entry with a base score of 4.3 (Medium); confidentiality rema...
CVE-2011-5226
CVE-2011-5226: A CSRF flaw in wordpress_sentinel.php of the WordPress Sentinel plugin (version 1.0.0) allows remote attackers to hijack an administrator’s session by crafting requests that trigger snapshots. This affects the Sentinel plugin for WordPress; exploitation context and in-the-wild deta...