4 matches found
CVE-2019-25221
creationtimestamp| type| source ---|---|--- 2024-12-13 03:26:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113643382736643548 2024-12-13 05:43:48+00:00| seen| https://t.me/cvedetector/12821...
CVE-2019-25221 Responsive Filterable Portfolio <=1.0.8 - Authenticated (Admin+) SQL Injection
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...
CVE-2019-25221
CVE-2019-25221 affects the WordPress plugin Responsive Filterable Portfolio (versions ≤ 1.0.8). Root cause: insufficient escaping and lack of prepared statements in the SQL query, via the id parameter, enabling unauthenticated SQL injection to extract DB data. Evidence indicates the vendor patche...
CVE-2019-25221 Responsive Filterable Portfolio <=1.0.8 - Authenticated (Admin+) SQL Injection
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...