cpe:/a:event_list_project:event_list:0.7.8::~~~wordpress~~ CVE-2017-9429 2017-06-13T14:29:00.233-04:00 2017-08-12T21:29:23.600-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov EXPLOIT-DB 42173 MISC http://dtsa.eu/cve-2017-9429-event-list-version-v-0-7-8-blind-based-sql-injection-sqli/ SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.