CVE-2017-1002006

Summary

Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.

Affected Software

VendorProductVersion RangeStatus
ITFluxDTrackerunspecified < 1.5affected

Weaknesses

  • Content Injection

ADP Enrichment

CVE Program Container

Additional References

References