Description
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Popup Newsletter Cross-Site Scripting (1.4.7)
WordPress Plugin MP3-jPlayer Multiple Cross-Site Request Forgery Vulnerabilities (2.7.3)
phpList CVE-2017-20031 Vulnerability (CVE-2017-20031)
WordPress Plugin Comment and Review Spam Control for WooCommerce Security Bypass (1.4.2)
WordPress Plugin Salon Booking System Cross-Site Scripting (6.3)