The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter.
References
Link | Resource |
---|---|
https://wordpress.org/plugins/wp-ultimate-exporter/#developers | Product Third Party Advisory |
https://seclists.org/bugtraq/2016/Feb/183 | Exploit Mailing List Third Party Advisory |
Configurations
Information
Published : 2019-09-20 08:15
Updated : 2019-09-20 11:00
NVD link : CVE-2016-11000
Mitre link : CVE-2016-11000
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
smackcoders
- ultimate_exporter