CVE-2017-12947

Publication date

2017-08-18 18:00:00

Family

mitre

State

PUBLISHED

Description

classescontrolleradminmodals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators.