CVE-2014-5185
SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edit action in the quartz/quote_form.php page to wp-admin/edit.php.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0355 (3.6%)
Percentil: 87.7%
EPSS: 2026-05-06
Afecta
quartz_plugin_project:quartz_pluginDescripción técnica
SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edit action in the quartz/quote_form.php page to wp-admin/edit.php.
Publicada: 6/8/2014, 19:55:04
Última modificación: 6/5/2026, 22:30:45