Wordpress : Security Vulnerabilities, CVEs, Published In 2011 (Sql injection) CVSS score >= 6
SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-12-02
Updated
2017-08-29
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.
Max CVSS
7.5
EPSS Score
0.18%
Published
2011-08-10
Updated
2017-08-29
2 vulnerabilities found