WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin for WordPress. SQL injection vulnerability exists in versions of WordPress Conversios.io plugin prior to 4.6.2, which stems from the use of tvcajax in SQL statements _product_sync_bantch_wise AJAX before failing to clean, validate and escape the sync_progressive_data parameter, any authenticated attacker can exploit this vulnerability to perform SQL injection attacks.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress conversios.io plugin | lt | 4.6.2 |