Security Advisory

CVE-2012-5853

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-01-08 01:00:00

Last updated 2024-08-06 21:21:28

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in the "the_search_function" function in cardoza_ajax_search.php in the AJAX Post Search (cardoza-ajax-search) plugin before 1.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the srch_txt parameter in a "the_search_text" action to wp-admin/admin-ajax.php.

← Browse all CVEs View on cve.org ↗