WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. The WordPress Cube Slider plugin 1.2 and earlier versions are vulnerable to SQL injection, which stems from the application’s failure to clean up or escape the idslider parameter before using it for SQL queries. or escaping before using the idslider parameter for SQL queries. A highly privileged attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress cube slider plugin | le | 1.2 |