2 matches found
CVE-2017-12946
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in a delete action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators...
CVE-2017-12946
The CVE-2017-12946 issue affects the WordPress Easy Modal plugin prior to 2.1.0. The vulnerability is an SQL injection in a delete action (parameters: id, ids, or modal) passed to wp-admin/admin.php, and is exploitable by users with administrative access. In practice, an authenticated administrat...