SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.
References
Link | Resource |
---|---|
https://www.exploit-db.com/exploits/42173/ |
Configurations
History
No history.
Information
Published : 2017-06-13 18:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-9429
Mitre link : CVE-2017-9429
CVE.ORG link : CVE-2017-9429
JSON object : View
Products Affected
event_list_project
- event_list
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')