2 matches found
CVE-2020-14207
The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filterdiver parameter...
CVE-2020-14207
CVE-2020-14207 concerns the WordPress DiveBook plugin, version 1.1.4. The issue is a SQL injection in divelog.php triggered by the GET/POST parameter filter_diver , allowing unauthenticated attackers to retrieve data from the database. The connected documents do not provide a patched version or r...