CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-4938

SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to wp-admin/admin.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://codevigilant.com/disclosure/wp-plugin-wp-rss-poster-a1-injection/
http://codevigilant.com/disclosure/wp-plugin-wp-rss-poster-a1-injection/

Products affected by CVE-2014-4938

Wp Rss Poster Plugin Project » Wp-Rss-Poster » Version: 1.0.0

cpe:2.3:a:wp_rss_poster_plugin_project:wp-rss-poster:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-4938

Products

Pricing

Contact Us