Description
WordPress Plugin Post Indexer (WPMU DEV) is prone to multiple vulnerabilities, including SQL injection and arbitrary code execution vulnerabilities. Exploiting these issues could allow an attacker to access or modify data, to execute arbitrary commands with the privileges of the user running the application, to compromise the application or the underlying database, or to compromise a vulnerable system. WordPress Plugin Post Indexer (WPMU DEV) version 3.0.6.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.0.6.2 or latest
References
Related Vulnerabilities
e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)
Joomla! Core 3.3.x Security Bypass (3.3.0 - 3.3.3)
PHP Other Vulnerability (CVE-2014-4670)
WordPress Plugin WP GDPR Compliance Cross-Site Scripting (1.5.5)
Internet Information Services Other Vulnerability (CVE-2003-0223)