4 matches found
CVE-2019-25212
The video carousel slider with lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2019-25212 video carousel slider with lightbox <= 1.0.6 - Authenticated (Admin+) SQL Injection
The video carousel slider with lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2019-25212 video carousel slider with lightbox <= 1.0.6 - Authenticated (Admin+) SQL Injection
The video carousel slider with lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
WordPress video carousel slider with lightbox Plugin <= 1.0.6 is vulnerable to SQL Injection
Software video carousel slider with lightbox Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2019-25212 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 8ccaa8ef0272 Credits Ala Arfaoui Required privileg...