Date: Thu, 16 Apr 2015 11:20:11 +0200
From: "Hannes Trunde" <hannes.trunde@...il.com>
To: <cve-assign@...re.org>
Cc: <oss-security@...ts.openwall.com>
Subject: AW: CVE request: SQL injection vulnerability in WordPress plugins Community Events 1.3.5, Tune Library 1.5.4, WP Symposium 15.1

> > 3) WP Symposium plugin SQL injection vulnerability
> >
> > Affected version: 15.1 (and likely all versions below)
> >
> > Fixed version: Not yet available, author is working on a fix
> >
> > Plugin URL: https://wordpress.org/plugins/wp-symposium/ (still disabled by WordPress.org team)
>
> Is this different from
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8810
>
> ? We feel that we may not have definitive information about whether that
> SQL injection was ever fixed. The
> http://www.wpsymposium.com/2014/11/release-information-for-v14-11/
> page no longer exists with its 2014 content, but had previously only
> mentioned fixing XSS, not fixing SQL injection.

Hi,

it's definitely a different vulnerability, as CVE-2014-8810 regards a SQL injection vulnerability in ajax/mail_functions.php, whereas the problem I discovered exists in a forum function.

I received the following notification from the plugin author:

> From: Simon (WPS) [mailto:simon@...ymposium.com]
> Sent: Wednesday, 15. April 2015 09:54
> To: Hannes Trunde
> Subject: Re: AW: SQL Injection Vulnerability in WP Symposium
>
> Thanks Hannes, I've implemented the fix in the code and will be looking to get it uploaded to the WordPress repo later today.
>
> Kind regards
> Simon

I will post the changelog link and details of the vulnerability as soon as the plugin page is online again.

By the way - what would be the best way to publish the vulnerability details? A reply to this thread, or posting it to Exploit-DB, Packet Storm or other mailing lists like Fulldisc or Bugtraq? Any best practices?

Thank you very much!

-- 
Hannes Trunde