CVE-2011-4669

CVE Database · CVE-2011-4669

CVE-2011-4669

· N/AModified

CVSS v3.1

N/A

EPSS

2.26%

Published

Dec 2, 2011

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php.

Weaknesses (CWE)

CWE-89

Affected Products (7)

wordpress · wordpress-usersvulnerable

wordpress · wordpress

References (10)

http://plugins.trac.wordpress.org/changeset/448261/wordpress-users

ExploitPatch

http://secunia.com/advisories/46442

Vendor Advisory

http://wordpress.org/extend/plugins/wordpress-users/

http://www.securityfocus.com/bid/50174

https://exchange.xforce.ibmcloud.com/vulnerabilities/70683

http://plugins.trac.wordpress.org/changeset/448261/wordpress-users

ExploitPatch

http://secunia.com/advisories/46442

Vendor Advisory

http://wordpress.org/extend/plugins/wordpress-users/

KEV Catalog EPSS Scores Vendors All CVEs