2 matches found
CVE-2021-4208
CVE-2021-4208 affects the WordPress ExportFeed plugin up to version 2.0.1.0. The vulnerability stems from unsanitized/uncleaned product_id used in a SQL statement, enabling SQL injection exploitable by high-privilege users and likely affecting systems running the vulnerable plugin. Remediation re...
CVE-2021-4208 ExportFeed <= 2.0.1.0 - Admin+ SQL Injection
The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and escape the productid POST parameter before using it in a SQL statement, leading to a SQL injection vulnerability exploitable by high privilege users...