CVE-2017-7719
CVE-2017-7719 : SQL injection in the WordPress plugin Spider Event Calendar (aka spider-event-calendar) before 1.5.52. An attacker can abuse the order_by parameter in the filescalendar_functions.php or widget_Theme_functions.php , related to front_end/frontend_functions.php , to execute arbitrary...