PT-2023-1572 · Unknown · Gimmie Plugin

Published: 2023-02-05 · Updated: 2024-05-17 · CVE-2014-125085

CVSS v2.0: 5.2 (Medium)

Vector: AV:A/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Gimmie Plugin version 1.2.2

Description

A critical vulnerability was found in the Gimmie Plugin, affecting an unknown function of the file trigger ratethread.php. The manipulation of the t/postusername argument leads to SQL injection. This issue can be exploited by a remote attacker to execute arbitrary SQL queries.

Recommendations

For Gimmie Plugin version 1.2.2, upgrade to version 1.3.0 to address this issue. As a temporary workaround, consider restricting access to the trigger ratethread.php file until the upgrade is applied. Additionally, avoid using the t/postusername argument in the affected component until the issue is resolved.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2023-01040
CVE-2014-125085

Affected Products

Gimmie Plugin