Contextual Related Posts <= 1.8.10.1 is vulnerable to SQL Injection

Unauthenticated

Published
2014-06-01

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE

https://www.cve.org/CVERecord?id=CVE-2014-3937

CVSS

Score:9.8

Severity:Critical

Version: 1.8.10.1

There is a patch available in v1.8.10.2 and we strongly recommend you update to this version as soon as possible.