CVE-2013-5673

Published: Sep 10, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

96793

vdb-entry

x_refsource_OSVDB

20130901 IndiaNIC Testimonial WP plugin - Multiple vulnerabilities

mailing-list

x_refsource_FULLDISC

[oss-security] 20130901 Re: [CVE Request] IndiaNIC Testimonial 2.2 WP plugin

mailing-list

x_refsource_MLIST

indianictestimon-cve20135673-sql-injection(86847)

vdb-entry

x_refsource_XF

28054

exploit

x_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/123036

x_refsource_MISC

62108

vdb-entry

x_refsource_BID

20130901 IndiaNIC Testimonail WP plugin - Multiple vulnerabilities

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-5673

Description

Affected Products

References