CVE-2011-4669 – WordPress Users <= 1.3 - SQL Injection
https://notcve.org/view.php?id=CVE-2011-4669
SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php. Vulnerabilidad de inyección SQL en wp-users.php de WordPress Users plugin v1.3 y posiblemente anterior para WordPress permite a atacantes remotos ejecutar comandos SQL a través del parámetro index.php. • http://plugins.trac.wordpress.org/changeset/448261/wordpress-users http://secunia.com/advisories/46442 http://wordpress.org/extend/plugins/wordpress-users http://www.securityfocus.com/bid/50174 https://exchange.xforce.ibmcloud.com/vulnerabilities/70683 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •