NVD

Id
46878  
Name
CVE-2012-5853  
Description
SQL injection vulnerability in the "the_search_function" function in cardoza_ajax_search.php in the AJAX Post Search (cardoza-ajax-search) plugin before 1.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the srch_txt parameter in a "the_search_text" action to wp-admin/admin-ajax.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-01-07  
Modified Date
2015-01-08  
Seq
2012-5853  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
234812 46878 CVE-2012-5853 20121106 Sql injection in AJAX post Search wordpress plugin  View
234813 46878 CVE-2012-5853 https://wordpress.org/plugins/cardoza-ajax-search/changelog/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30628 JVNDB-2012-006336 WordPress 用 AJAX Post Search プラグインの "the_search_function" 関数における SQL インジェクションの脆弱性 WordPress 用 AJAX Post Search (cardoza-ajax-search) プラグインの "the_search_function" 関数には、SQL インジェクションの脆弱性が存在します。 CVE-2012-5853 59091 CVE-2012-5853 46878 7.5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006336.html 2012-10-12 2015-01-13 View