CVE-2014-5185 Information

Description

SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edit action in the quartz/quote_form.php page to wp-admin/edit.php.

Reference

http://codevigilant.com/disclosure/wp-plugin-quartz-a1-injection