EUVD-2018-3348

Malware in sbrugna...

WordPress MemberMouse SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers to set up personal blog sites.MemberMouse plugin is used in one of the sales management plugin. A SQL injection vulnerability exists in the...

CVE-2018-11309

Blind SQL injection in couponcode in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request...

Sql injection

Blind SQL injection in couponcode in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request...

CVE-2018-11309

Blind SQL injection in couponcode in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request...

CVE-2018-11309

Blind SQL injection in couponcode in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request...

CVE-2018-11309

CVE-2018-11309 affects the WordPress MemberMouse plugin up to version 2.2.8 (and earlier). The vulnerability is a blind SQL injection in the coupon_code parameter triggered via the applyCoupon action in admin-ajax.php, allowing an unauthenticated attacker to dump the WordPress MySQL database. Con...

Membermouse < 2.2.9 - Blind SQL Injection

Note: It seems like the affected plugin is the premium version from https://membermouse.com, the free one has been closed as of v1.2.0...