mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-14 20:08:44 +00:00
979 B
979 B
CVE-2017-14723
Description
Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.
POC
Reference
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Afetter618/WordPress-PenTest
- https://github.com/Byebyesky/IT-Security-Projekt
- https://github.com/CeCe2018/Codepath
- https://github.com/CeCe2018/Codepath-Week-7-Alternative-Assignment-Essay
- https://github.com/Tanvi20/Week-7-Alternative-Assignment-wp-cve