This Copperleaf Photolog plugin is prone to an SQL injection vulnerability. It allows the attackers to execute arbitrary SQL commands via the “postid” parameter.
Update the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
copperleaf photolog | le | 0.16 |