Active exploit activity
CVE-2015-9323 The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.
- Public exploit or PoC available
- Exploit activity linked
- Internet-facing CMS deployments affected
WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.