Boletines de Vulnerabilidades

SQL Injection in Duplicate-Page WordPress Plugin

Información sobre el sistema
   
Software afectado Wordpress

Descripción
http://feedproxy.google.com/~r/sucuri/blog/~3/qdl2JzUrVmY/sql-injection-in-duplicate-page-wordpress-plugin.html While investigating the Duplicate Page plugin we have discovered a dangerous SQL Injection vulnerability. It was not being abused externally and impacts over 800,000 sites. It’s urgency is defined by the associated DREAD score that looks at damage, reproducibility, exploitability, affected users, and discoverability. A key contributor to the criticality of this vulnerability is

More info:

http://feedproxy.google.com/~r/sucuri/blog/~3/qdl2JzUrVmY/sql-injection-in-duplicate-page-wordpress-plugin.html

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2019-04-11

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT