The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid parameter.
References
Link | Resource |
---|---|
http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html | Third Party Advisory |
https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers | Product Release Notes |
https://wpvulndb.com/vulnerabilities/8340 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-10-07 15:15
Updated : 2024-02-28 17:28
NVD link : CVE-2015-9450
Mitre link : CVE-2015-9450
CVE.ORG link : CVE-2015-9450
JSON object : View
Products Affected
sizmic
- plugmatter_optin_feature_box
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')