2 matches found
CVE-2017-1002010
Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the deletemedia function...
CVE-2017-1002010
CVE-2017-1002010 affects the WordPress plugin Membership Simplified (v1.58). The issue is a blind SQL injection in the file membership-simplified-for-oap-members-only/updateDB.php, caused by insufficient sanitization of the input parameter recordId used in delete_media. Public metrics show a high...