VIR Vulnerability Intelligence Relay

CVE-2014-7959

medium
Published 2014-11-06 · Modified 2026-05-06
CVSS v3
CVSS v2
6.5
VIR risk
6.5

Description

SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://wordpress.org/plugins/bulletproof-security/changelog/

Application impact
VendorProductVersionsFixed
ait-probulletproof_security.44
ait-probulletproof_security.44.1
ait-probulletproof_security.45
ait-probulletproof_security.45.1
ait-probulletproof_security.45.2
ait-probulletproof_security.45.3
ait-probulletproof_security.45.4
ait-probulletproof_security.45.5
ait-probulletproof_security.45.6
ait-probulletproof_security.45.7
ait-probulletproof_security.45.8
ait-probulletproof_security.45.9
ait-probulletproof_security.46
ait-probulletproof_security.46.1
ait-probulletproof_security.46.2
ait-probulletproof_security.46.3
ait-probulletproof_security.46.4
ait-probulletproof_security.46.5
ait-probulletproof_security.46.6
ait-probulletproof_security.46.7
ait-probulletproof_security.46.8
ait-probulletproof_security.46.9
ait-probulletproof_security.47
ait-probulletproof_security.47.1
ait-probulletproof_security.47.2
ait-probulletproof_security.47.3
ait-probulletproof_security.47.4
ait-probulletproof_security.47.5
ait-probulletproof_security.47.6
ait-probulletproof_security.47.7
ait-probulletproof_security.47.8
ait-probulletproof_security.47.9
ait-probulletproof_security.48
ait-probulletproof_security.48.1
ait-probulletproof_security.48.2
ait-probulletproof_security.48.3
ait-probulletproof_security.48.4
ait-probulletproof_security.48.5
ait-probulletproof_security.48.6
ait-probulletproof_security.48.7
ait-probulletproof_security.48.8
ait-probulletproof_security.48.9
ait-probulletproof_security.49
ait-probulletproof_security.49.1
ait-probulletproof_security.49.2
ait-probulletproof_security.49.3
ait-probulletproof_security.49.4
ait-probulletproof_security.49.5
ait-probulletproof_security.49.6
ait-probulletproof_security.49.7
ait-probulletproof_security.49.8
ait-probulletproof_security.49.9
ait-probulletproof_security.50
ait-probulletproof_security.50.1
ait-probulletproof_security.50.2
ait-probulletproof_security.50.3
ait-probulletproof_security.50.4
ait-probulletproof_security.50.5
ait-probulletproof_security.50.6
ait-probulletproof_security.50.7
ait-probulletproof_security.50.8
ait-probulletproof_security.50.9
ait-probulletproof_security.51

References

CWEs

CWE-89

Verify integrity in audit chain (admin only). AS-IS.