CVE-2015-2199
The CVE-2015-2199 issue affects the WonderPlugin Audio Player WordPress plugin (before 2.1). Multiple SQL injection flaws allow remote unauthenticated/authenticated actors to execute arbitrary SQL commands via item[id] in wonderplugin_audio_save_item (AJAX at wp-admin/admin-ajax.php) or via itemi...