Vulnerability CVE-2014-5389

Vulnerability CVE-2014-5389

Published: 2014-10-06

Description:

	Topic	Author	Date
Med.	WordPress Content Audit 1.6 Blind SQL Injection	Tom Adams	02.10.2014

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
Content audit project -> Content audit

https://wordpress.org/plugins/content-audit/changelog

https://security.dxw.com/advisories/blind-sqli-vulnerability-in-content-audit-could-allow-a-privileged-attacker-to-exfiltrate-password-hashes/

http://www.securityfocus.com/bid/70214

http://seclists.org/fulldisclosure/2014/Oct/8

http://packetstormsecurity.com/files/128525/WordPress-Content-Audit-1.6-Blind-SQL-Injection.html