CVE-2013-7187 | HackTesting

SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.

References

http://packetstormsecurity.com/files/124343/wpformcraft-sql.txt

https://exchange.xforce.ibmcloud.com/vulnerabilities/89581

http://www.exploit-db.com/exploits/30002

http://secunia.com/advisories/56044

http://www.securityfocus.com/bid/64183