CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9418

SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.6%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://wpvulndb.com/vulnerabilities/8845
https://www.exploit-db.com/exploits/42166/
https://wpvulndb.com/vulnerabilities/8845
https://www.exploit-db.com/exploits/42166/

Products affected by CVE-2017-9418

Goldplugins » Testimonials Plugin Easy Testimonials » Version: 3.4.1

cpe:2.3:a:goldplugins:testimonials_plugin_easy_testimonials:3.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9418

Products

Pricing

Contact Us