2 matches found
CVE-2021-38324
The SP Rental Manager WordPress plugin is vulnerable to SQL Injection via the orderby parameter found in the /user/shortcodes.php file which allows attackers to retrieve information contained in a site's database, in versions up to and including 1.5.3...
CVE-2021-38324
The CVE concerns the SP Rental Manager WordPress plugin, affected in versions up to 1.5.3. It specifies an unauthenticated SQL Injection vulnerability in the orderby parameter within the ~/user/shortcodes.php file, enabling retrieval of data from the site database. The provided documents do not i...