WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection

2015-09-1500:00:00

i0akiN SEC-LABORATORY

patchstack.com

EPSS

0.001

Percentile

46.5%

JSON

This WordPress CP Reservation Calendar plugin is prone to an SQL injection via dex_reservations.php. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database.