1
Candidate: CVE-2015-2213
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2213
6
SQL injection vulnerability in the wp_untrash_post_comments function in
7
wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to
8
execute arbitrary SQL commands via a comment that is mishandled after
9
retrieval from the trash.
13
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794560
19
upstream: https://core.trac.wordpress.org/changeset/33555
20
upstream: https://core.trac.wordpress.org/changeset/33556
21
upstream_wordpress: released (4.2.4+dfsg-1)
22
precise_wordpress: ignored (reached end-of-life)
23
precise/esm_wordpress: DNE (precise was needs-triage)
24
trusty_wordpress: needs-triage
25
vivid_wordpress: ignored (reached end-of-life)
26
vivid/stable-phone-overlay_wordpress: DNE
27
vivid/ubuntu-core_wordpress: DNE
28
wily_wordpress: not-affected (4.2.4+dfsg-1)
29
xenial_wordpress: not-affected (4.2.4+dfsg-1)
30
yakkety_wordpress: not-affected (4.2.4+dfsg-1)
31
zesty_wordpress: not-affected (4.2.4+dfsg-1)
32
artful_wordpress: not-affected (4.2.4+dfsg-1)
33
bionic_wordpress: not-affected (4.2.4+dfsg-1)
34
devel_wordpress: not-affected (4.2.4+dfsg-1)