MOABI : Continuous Software Improvement

CVE-2015-9448
Description	The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.
Impact	CVSS v2 : 6.5 MEDIUM
Type	CWE-89
Attack Vector	CVSSv2 Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P
Quick links	CVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References	http://cinu.pl/research/wp-plugins/mail_8a2f7613577ea8e613ec274aeec14527.html https://wordpress.org/plugins/sendpress/#developers https://wpvulndb.com/vulnerabilities/8324