CVE-2014-125099 MEDIUM

CVE-2014-125099: I Recommend This Plugin dot-irecommendthis.php sql injection

Vendor N/A
Product I Recommend This Plugin
Weakness CWE-89 · SQLi
Published April 20, 2023
Last update August 6, 2024
View on NVD All CVEs

CVSS base score

6.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability has been found in I Recommend This Plugin up to 3.7.2 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality of the file dot-irecommendthis.php. The manipulation leads to sql injection. The attack can be launched remotely. Upgrading to version 3.7.3 is able to address this issue. The identifier of the patch is 058b3ef5c7577bf557557904a53ecc8599b13649. It is recommended to upgrade the affected component. The identifier VDB-226309 was assigned to this vulnerability.

Key dates

02Disclosure timeline

April 20, 2023 CVE published
August 6, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-30486 WordPress Media Library Folders plugin <= 8.1.7 - Auth. SQL Injection vulnerability CVE-2024-32551 WordPress SP Project & Document Manage plugin <= 4.71 - Auth. SQL Injection vulnerability CVE-2025-11310 Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findFileServerPage.do findFileServerPage sql injection CVE-2015-10077 webbuilders-group silverstripe-kapost-bridge KapostService.php getPreview sql injection CVE-2024-11632 code-projects Simple Car Rental System book_car.php sql injection