WordPress Vulnerabilities
WordPress 2.3.0-4.7.4 - Authenticated SQL injection
Description
Due bad solution of the database abstraction library WordPress exposes itself towards SQL Injection and validation bypass. Beside WordPress itself this issue have huge impact towards complete WP ecosystem.
Up to WordPress 4.8.1 is vulnerable, but this time attack is dependent from another plugins / themes / setup.
Affects WordPress
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
Fixed in WordPress 4.7.5
References
Classification
Type
SQLI
OWASP top 10
CWE
Miscellaneous
Submitter
Slavco
Submitter website
Submitter twitter
Verified
No
WPVDB ID
Timeline
Publicly Published
2017-08-24 (about 6 years ago)
Added
2017-09-20 (about 6 years ago)
Last Updated
2019-11-01 (about 4 years ago)