WordPress 插件 SQL注入漏洞

WordPress Plugin is an open source application plugin for WordPress. Bello - Directory & Listing WordPress theme prior to version 1.6.0 suffers from a SQL injection vulnerability that stems from the theme not cleaning up critical parameters, resulting in their use in SQL injection statements...