Lucene search
HistoryMay 27, 2015 - 6:59 p.m.
CVE-2015-4062
cve-2015-4062
sql injection
newstatpress
wordpress
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.027 Low
EPSS
Percentile
90.6%
SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.
Affected configurations
Node
newstatpress_projectnewstatpressRange≤0.9.8wordpress
| CPE | Name | Operator | Version |
|---|---|---|---|
| newstatpress_project:newstatpress | newstatpress project newstatpress | le | 0.9.8 |
Related
patchstack
patchstack
WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities
2015-05-26 00:00:00
nvd
nvd
CVE-2015-4062
2015-05-27 18:59:03
cvelist
cvelist
CVE-2015-4062
2015-05-27 18:00:00
prion
prion
Sql injection
2015-05-27 18:59:00
nuclei
nuclei
WordPress NewStatPress 0.9.8 - SQL Injection
2023-03-05 13:42:10
seebug
seebug
WordPress NewStatPress Plugin 0.9.8 xss+sql注入
2015-08-31 00:00:00
wpvulndb
wpvulndb
NewStatPress 0.9.8 - XSS & SQL Injection
2015-05-25 00:00:00
zdt
zdt
packetstorm
packetstorm
WordPress NewStatPress 0.9.8 Cross Site Scripting / SQL Injection
2015-05-25 00:00:00
exploitpack
exploitpack
WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities
2015-05-26 00:00:00
exploitdb
exploitdb
WordPress Plugin NewStatPress 0.9.8 - Multiple Vulnerabilities
2015-05-26 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.027 Low
EPSS
Percentile
90.6%
Related for CVE-2015-4062