CVE-2021-24627

The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection...

WordPress SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress G Auto-Hyperlink plugin in version 1.0.1 and earlier,...