SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress prior to 4.7.2 allows remote malicious users to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wordpress wordpress |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
oracle data integrator 11.1.1.9.0 |
||
oracle data integrator 12.2.1.3.0 |
||
oracle data integrator 12.2.1.4.0 |