Vulnerability Details CVE-2014-4944
Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) categoryid or (2) pdfid parameter to wp-admin/admin.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.6%
CVSS Severity
CVSS v2 Score 6.5
References
Products affected by CVE-2014-4944
-
cpe:2.3:a:bannersky:bsk_pdf_manager:1.3.2