CVE-2013-7187 Information

Description

SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.

Reference

http://packetstormsecurity.com/files/124343/wpformcraft-sql.txt http://secunia.com/advisories/56044 http://www.exploit-db.com/exploits/30002 http://www.securityfocus.com/bid/64183 https://exchange.xforce.ibmcloud.com/vulnerabilities/89581