CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5185

SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edit action in the quartz/quote_form.php page to wp-admin/edit.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.05

EPSS Ranking 89.2%

CVSS Severity

CVSS v2 Score 6.0

References

http://codevigilant.com/disclosure/wp-plugin-quartz-a1-injection
http://codevigilant.com/disclosure/wp-plugin-quartz-a1-injection

Products affected by CVE-2014-5185

Quartz Plugin Project » Quartz Plugin » Version: 1.01.1

cpe:2.3:a:quartz_plugin_project:quartz_plugin:1.01.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5185

Products

Pricing

Contact Us