Sql injection

2019-10-0715:15:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.6%

JSON

The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid parameter.

CPENameOperatorVersion
plugmatter_optin_feature_boxlt2.0.14

CPE	Name	Operator	Version
	plugmatter_optin_feature_box	lt	2.0.14

References

cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html

wordpress.org/plugins/plugmatter-optin-feature-box-lite/

wpvulndb.com/vulnerabilities/8340