Description
SQL injection vulnerability in the wp_untrash_post_comments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.4.1)
Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.9.24)
WordPress Plugin Quttera Web Malware Scanner Security Bypass (3.0.8.65)
WordPress Plugin Carousel slideshow 'swfupload.swf' Cross-Site Scripting (3.10)
WordPress Plugin Subscriber by BestWebSoft Cross-Site Scripting (1.3.4)