Blog2Social <= 5.5.0 - SQL Injection



Description
"A SQL injection vulnerability exists in the Adenion Blog2Social plugin through 5.5.0 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system."

Affects Plugin

fixed in version 5.6.0

References

CVE 2019-13572
URL https://fortiguard.com/zeroday/FG-VD-19-094

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Original Researcher Tin Duong of Fortinet's FortiGuard Labs
Views 2410
Verified No
WPVDB ID 9476

Timeline

Publicly Published 2019-07-25 (about 1 month ago)
Added 2019-07-25 (about 1 month ago)
Last Updated 2019-08-13 (12 days ago)
