CVE-2015-9458

The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.

Published : 2019-10-10 16:15 Updated : 2019-10-11 14:58

6.5
CVSS Score More info
Score 6.5 / 10
6.5
Vendor Product Version URI
Seo Searchterms Tagging 2 Project Seo Searchterms Tagging 2 1.535 cpe:/a:seo_searchterms_tagging_2_project:seo_searchterms_tagging_2:1.535::~~~wordpress~~
  1. Seo Searchterms Tagging 2 Project (1) Search CVE
    1. Seo Searchterms Tagging 2 (1) Search CVE
      1. 1.535

CWE

ID Name Description Links
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. CVE

History of changes

Date Event
2019-10-11 14:58
2019-10-10 17:10

New CVE