CVE-2014-9173 Information

Description

SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter.

Reference

http://osvdb.org/show/osvdb/115044 http://security.szurek.pl/google-doc-embedder-2514-sql-injection.html http://www.exploit-db.com/exploits/35371 https://exchange.xforce.ibmcloud.com/vulnerabilities/98944 https://plugins.trac.wordpress.org/changeset/1023572/google-document-embedder