ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Automatic Plugin 2.0.3 - SQL Injection

Product
Automatic
Description
This WordPress Automatic plugin is prone to an SQL injection. This vulnerability works in the csv.php file which does not require valid login credential and it allows an attacker to execute SQL Queries.
Solution
Upgrade this plugin to version 2.0.4.
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.3
Fixed In 2.0.4
Disclosure date
2012-06-16
Credits
nick58