Lucene search
HistoryNov 06, 2014 - 3:55 p.m.
CVE-2014-7959
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.003
Percentile
69.1%
SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter.
Affected configurations
Node
ait-probulletproof_securityMatch.44wordpress
ORait-probulletproof_securityMatch.44.1wordpress
ORait-probulletproof_securityMatch.45wordpress
ORait-probulletproof_securityMatch.45.1wordpress
ORait-probulletproof_securityMatch.45.2wordpress
ORait-probulletproof_securityMatch.45.3wordpress
ORait-probulletproof_securityMatch.45.4wordpress
ORait-probulletproof_securityMatch.45.5wordpress
ORait-probulletproof_securityMatch.45.6wordpress
ORait-probulletproof_securityMatch.45.7wordpress
ORait-probulletproof_securityMatch.45.8wordpress
ORait-probulletproof_securityMatch.45.9wordpress
ORait-probulletproof_securityMatch.46wordpress
ORait-probulletproof_securityMatch.46.1wordpress
ORait-probulletproof_securityMatch.46.2wordpress
ORait-probulletproof_securityMatch.46.3wordpress
ORait-probulletproof_securityMatch.46.4wordpress
ORait-probulletproof_securityMatch.46.5wordpress
ORait-probulletproof_securityMatch.46.6wordpress
ORait-probulletproof_securityMatch.46.7wordpress
ORait-probulletproof_securityMatch.46.8wordpress
ORait-probulletproof_securityMatch.46.9wordpress
ORait-probulletproof_securityMatch.47wordpress
ORait-probulletproof_securityMatch.47.1wordpress
ORait-probulletproof_securityMatch.47.2wordpress
ORait-probulletproof_securityMatch.47.3wordpress
ORait-probulletproof_securityMatch.47.4wordpress
ORait-probulletproof_securityMatch.47.5wordpress
ORait-probulletproof_securityMatch.47.6wordpress
ORait-probulletproof_securityMatch.47.7wordpress
ORait-probulletproof_securityMatch.47.8wordpress
ORait-probulletproof_securityMatch.47.9wordpress
ORait-probulletproof_securityMatch.48wordpress
ORait-probulletproof_securityMatch.48.1wordpress
ORait-probulletproof_securityMatch.48.2wordpress
ORait-probulletproof_securityMatch.48.3wordpress
ORait-probulletproof_securityMatch.48.4wordpress
ORait-probulletproof_securityMatch.48.5wordpress
ORait-probulletproof_securityMatch.48.6wordpress
ORait-probulletproof_securityMatch.48.7wordpress
ORait-probulletproof_securityMatch.48.8wordpress
ORait-probulletproof_securityMatch.48.9wordpress
ORait-probulletproof_securityMatch.49wordpress
ORait-probulletproof_securityMatch.49.1wordpress
ORait-probulletproof_securityMatch.49.2wordpress
ORait-probulletproof_securityMatch.49.3wordpress
ORait-probulletproof_securityMatch.49.4wordpress
ORait-probulletproof_securityMatch.49.5wordpress
ORait-probulletproof_securityMatch.49.6wordpress
ORait-probulletproof_securityMatch.49.7wordpress
ORait-probulletproof_securityMatch.49.8wordpress
ORait-probulletproof_securityMatch.49.9wordpress
ORait-probulletproof_securityMatch.50wordpress
ORait-probulletproof_securityMatch.50.1wordpress
ORait-probulletproof_securityMatch.50.2wordpress
ORait-probulletproof_securityMatch.50.3wordpress
ORait-probulletproof_securityMatch.50.4wordpress
ORait-probulletproof_securityMatch.50.5wordpress
ORait-probulletproof_securityMatch.50.6wordpress
ORait-probulletproof_securityMatch.50.7wordpress
ORait-probulletproof_securityMatch.50.8wordpress
ORait-probulletproof_securityMatch.50.9wordpress
ORait-probulletproof_securityMatch.51wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ait-pro | bulletproof_security | .44 | cpe:2.3:a:ait-pro:bulletproof_security:.44:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .44.1 | cpe:2.3:a:ait-pro:bulletproof_security:.44.1:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45 | cpe:2.3:a:ait-pro:bulletproof_security:.45:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.1 | cpe:2.3:a:ait-pro:bulletproof_security:.45.1:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.2 | cpe:2.3:a:ait-pro:bulletproof_security:.45.2:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.3 | cpe:2.3:a:ait-pro:bulletproof_security:.45.3:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.4 | cpe:2.3:a:ait-pro:bulletproof_security:.45.4:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.5 | cpe:2.3:a:ait-pro:bulletproof_security:.45.5:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.6 | cpe:2.3:a:ait-pro:bulletproof_security:.45.6:*:*:*:*:wordpress:*:* |
| ait-pro | bulletproof_security | .45.7 | cpe:2.3:a:ait-pro:bulletproof_security:.45.7:*:*:*:*:wordpress:*:* |
Related
prion
prion
Sql injection
2014-11-06 15:55:00
cvelist
cvelist
CVE-2014-7959
2014-11-06 15:00:00
cve
cve
CVE-2014-7959
2014-11-06 15:55:08
patchstack
patchstack
WordPress BulletProof Security Plugin <= .51 - SQL Injection
2014-10-07 00:00:00
securityvulns
securityvulns
Wordpress bulletproof-security <=.51 multiple vulnerabilities
2014-12-01 00:00:00
wpvulndb
wpvulndb
BulletProof Security <= .51 - Multiple Vulnerabilities (XSS & SSRF)
2014-11-05 00:00:00
zdt
zdt
WordPress Bulletproof-Security .51 Multiple Vulnerabilities
2014-11-06 00:00:00
packetstorm
packetstorm
WordPress Bulletproof-Security .51 XSS / SQL Injection / SSRF
2014-11-05 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.003
Percentile
69.1%
Related for NVD:CVE-2014-7959