Arbitrary SQL Command Execution in WordPress Users Plugin 1.3 and Earlier
CVE-2011-4669 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php.
Learn more about our Wordpress Pen Testing.