Security Advisory

CVE-2017-14507

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-09-28 19:00:00

Last updated 2024-08-05 19:27:40

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_class.php; or the id parameter to (2) pages/content_timeline_edit.php or (3) pages/content_timeline_index.php.

← Browse all CVEs View on cve.org ↗