CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-7517

Multiple SQL injection vulnerabilities in the Double Opt-In for Download plugin before 2.0.9 for WordPress allow remote attackers to execute arbitrary SQL commands via the ver parameter to (1) class-doifd-download.php or (2) class-doifd-landing-page.php in public/includes/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.038

EPSS Ranking 87.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://permalink.gmane.org/gmane.comp.security.oss.general/18255
http://www.securityfocus.com/bid/78220
http://www.vapidlabs.com/advisory.php?v=157
https://wpvulndb.com/vulnerabilities/8345
http://permalink.gmane.org/gmane.comp.security.oss.general/18255
http://www.securityfocus.com/bid/78220
http://www.vapidlabs.com/advisory.php?v=157
https://wpvulndb.com/vulnerabilities/8345

Products affected by CVE-2015-7517

Labwebdesigns » Double Opt-In For Download » Version: Any

cpe:2.3:a:labwebdesigns:double_opt-in_for_download:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7517

Products

Pricing

Contact Us