CVE-2014-10013 Information

Description

SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action.

Reference

http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html http://www.exploit-db.com/exploits/35204 https://exchange.xforce.ibmcloud.com/vulnerabilities/98589