3 matches found
CVE-2020-35012
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection...
CVE-2020-35012
The CVE concerns the Events Manager WordPress plugin (versions before 5.9.8). The root cause is failure to sanitise and escape a parameter before using it in an SQL statement, resulting in an SQL Injection. The vulnerability affects the plugin’s handling of input within SQL queries, with potentia...
CVE-2020-35012 Events Manager < 5.9.8 - Admin+ SQL Injection
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection...