WordPress SCORM Cloud Plugin <= 1.0.6

Back

WordPress SCORM Cloud Plugin <= 1.0.6 - SQL Injection

Product: SCORM Cloud
Description: Because of this vulnerability in ajax.php, the attackers can execute arbitrary SQL commands via the "active" parameter.
Solution: Update the plugin.
Classification: Type SQL Injection
OWASP Top 10 A1: Injection
References: CVE Mitre
CVE: Name CVE-2011-5216
Versions: Affected In <= 1.0.6
Fixed In 1.0.7
Disclosure date: 2012-10-25
Credits: stuartchilds