WordPress 插件 SQL注入漏洞

WordPress Plugin is an open source application plugin for WordPress. A SQL injection vulnerability exists in the WordPress plugin WP Bannerize, which stems from an id parameter in the /Classes/wpBannerizeAdmin.php file that allows an attacker to steal sensitive information from a vulnerable site...

WordPress WP Bannerize plugin 2.0.0 – 4.0.2 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Margaux Dabert Intrinsec in WordPress WP Bannerize plugin versions = 2.0.0 – 4.0.2. Solution Deactivate and delete. This plugin has been closed as of July 19, 2021 and is not available for download. Reason: Security Issue...

WordPress Bannerize Plugin 2.8.7 - SQL Injection

The Bannerize plugin's "ajaxsorter.php" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update...

WordPress Bannerize Plugin <= 2.8.6 - SQL Injection

Bannerize plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...