Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0894

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2015-0894
Last Modified 09 Mar 2015 09:21:58
Published 06 Mar 2015 09:59:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2015-0894

Summary

SQL injection vulnerability in the All In One WP Security & Firewall plugin before 3.8.8 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Vulnerable Systems

Application

  • Tips And Tricks Hq All In One Wordpress Security And Firewall 3.8.7


References

CONFIRM - https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/changelog/

JVNDB - JVNDB-2015-000037

JVN - JVN#30832515


Last Updated: 27 May 2016 11:08:00