3 matches found
WordPress LearnDash Plugin SQL Injection (CVE-2020-6009)
An SQL injection vulnerability exists in the WordPress LearnDash Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2020-6009
LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection...
CVE-2020-6009
The CVE-2020-6009 entry concerns the LearnDash WordPress plugin and affects versions below 3.1.6. The vulnerability is an unauthenticated SQL injection in the ld-groups.php code path, where user-supplied input is not properly sanitized, enabling an attacker to craft SQL queries against the back-e...