Wordpress Google Document Embedder SQL Injection Vulnerability

Summary
This host is installed with WordPress Google Document Embedder and is prone to sql injection vulnerability.
Impact
Successful exploitation will allow attacker to manipulate SQL queries in the backend database, and disclose certain sensitive information. Impact Level: Application
Solution
Upgrade to version 2.5.15 or later, For updates refer http://wordpress.org/extend/plugins/google-document-embedder
Insight
Flaw is due to the /google-document-embedder /view.php script not properly sanitizing user-supplied input via the 'gpid' GET parameter.
Affected
WordPress Google Doc Embedder Plugin version 2.5.14, prior may also be affected.
Detection
Send a crafted request via HTTP GET and check whether it is able to execute sql query or not.
References