SQL Injection in Automattic Jetpack
CVE-2011-4673
SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
Vulnerability class: SQL Injection
EPSS: 0.022 (80.1th percentile) — read the EPSS interpretation.
Affected products
- Automattic Jetpack
- Wordpress
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Exploit, exploit, x_refsource_EXPLOIT-DB)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)