Launchpad.net

CVE 2016-10917

The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316.

See the CVE page on Mitre.org for more details.

References