Unrated severityNVD Advisory· Published Mar 17, 2015· Updated Jun 17, 2026
CVE-2015-2314
CVE-2015-2314
Description
SQL injection vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
6- klikki.fi/adv/wpml.htmlnvdExploit
- packetstormsecurity.com/files/130810/WordPress-WPML-XSS-Deletion-SQL-Injection.htmlnvdExploit
- seclists.org/fulldisclosure/2015/Mar/71nvdExploit
- wpml.org/2015/03/wpml-security-update-bug-and-fix/nvdVendor Advisory
- www.osvdb.org/119541nvd
- www.securityfocus.com/archive/1/534862/100/0/threadednvd
News mentions
0No linked articles in our index yet.