CVE-2017-1002006
N/A
N/A
Summary
Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ITFlux | DTracker | unspecified < 1.5 | affected |
Weaknesses
- Content Injection
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/96890
- http://www.vapidlabs.com/advisory.php?v=186
- https://wordpress.org/plugins/dtracker/
References
- http://www.securityfocus.com/bid/96890
- http://www.vapidlabs.com/advisory.php?v=186
- https://wordpress.org/plugins/dtracker/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.