SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x prior to 1.5.5 of WordPress allows remote malicious users to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
buddypress buddypress 1.5 |
||
buddypress buddypress 1.5.2 |
||
buddypress buddypress 1.5.3 |
||
buddypress buddypress 1.5.3.1 |
||
buddypress buddypress 1.5.4 |
||
buddypress buddypress 1.5.1 |