WordPress 4.7.1 commands Execute Code Sql Injection Vulnerability
The information has been provided by David Herrera.
The original article can be found at: http://www.securityfocus.com/bid/95816
* WordPress 4.7.1
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
Publish Date : 2017-01-29
Last Update Date : 2017-02-05