Critical severity9.8NVD Advisory· Published Aug 29, 2017· Updated May 13, 2026

CVE-2015-7517

Description

Multiple SQL injection vulnerabilities in the Double Opt-In for Download plugin before 2.0.9 for WordPress allow remote attackers to execute arbitrary SQL commands via the ver parameter to (1) class-doifd-download.php or (2) class-doifd-landing-page.php in public/includes/.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

permalink.gmane.org/gmane.comp.security.oss.general/18255nvdThird Party Advisory
www.securityfocus.com/bid/78220nvdThird Party AdvisoryVDB Entry
www.vapidlabs.com/advisory.phpnvdThird Party AdvisoryVDB Entry
wpvulndb.com/vulnerabilities/8345nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000