Unrated severityNVD Advisory· Published May 27, 2015· Updated Jun 17, 2026
CVE-2015-4062
CVE-2015-4062
Description
SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 parameter in the nsp_search page to wp-admin/admin.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:*Range: <=0.9.8
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.