CVE-2015-5533

SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:count_per_day_project:count_per_day:*:*:*:*:*:wordpress:*:*

Information

Published : 2017-10-23 11:29

Updated : 2018-10-09 12:57


NVD link : CVE-2015-5533

Mitre link : CVE-2015-5533


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

count_per_day_project

  • count_per_day