3 matches found
CVE-2017-9834
Summary: CVE-2017-9834 concerns the WordPress WatuPRO plugin (versions prior to 5.5.3.7). A SQL injection flaw exists in the watupro_submit action to wp-admin/admin-ajax.php, exploitable via the watupro_questions parameter. The vulnerability allows remote attackers to execute arbitrary SQL comman...
CVE-2017-9834
SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watuproquestions parameter in a watuprosubmit action to wp-admin/admin-ajax.php...
WordPress Plugin WatuPRO 5.5.1 - SQL Injection
Exploit Title: SQL Injection In WatuPRO WordPress Plugin to Create Exams, Tests and Quizzes Exploit Author: Manich Koomsusi Date: 03-07-2017 Software: WatuPRO Version: 5.5.1 Website: http://calendarscripts.info/watupro/ Tested on: WordPress 4.7.5 Software Link:...