SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin prior to 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the link_ids[] parameter in an Update action in the syndication.php page to wp-admin/admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
feedwordpress project feedwordpress |