Vulnerability CVE-2011-4646

Vulnerability CVE-2011-4646

Published: 2011-11-30 Modified: 2012-02-13

Description:

SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode when creating a post. NOTE: some of these details are obtained from third party information.

Type:

CWE-94

(Improper Control of Generation of Code ('Code Injection'))

CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6/10	6.4/10	6.8/10

Exploit range	Attack complexity	Authentication
Remote	Medium	Single time
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Lesterchan -> Wp-postratings

References:

http://plugins.trac.wordpress.org/changeset/430970/wp-postratings/trunk/wp-postratings.php?old=355076&old_path=wp-postratings%2Ftrunk%2Fwp-postratings.php

http://www.securityfocus.com/bid/49986

http://wordpress.org/extend/plugins/wp-postratings/changelog/

http://secunia.com/advisories/46328

Vulnerability CVE-2011-4646

CWE-94

CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:P)

6/10

6.4/10

6.8/10

Remote

Medium

Single time

Partial

Partial

Partial

Affected software

References: