6 matches found
CVE-2017-1002026
Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function editeventcategory does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement...
WordPress Event Expresso Free SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Event Expresso Free is one of the event management plugin. A SQL injection vulnerability exists in WordPress Event...
CVE-2017-1002026
Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function editeventcategory does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement...
Code injection
Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function editeventcategory does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement...
CVE-2017-1002026
The CVE-2017-1002026 entry concerns the WordPress plugin Event Espresso Free (v3.1.37.11.L). The root cause is failure to sanitize the user-supplied input in the edit_event_category function via the $id parameter before it is used in an SQL statement, enabling a SQL injection. Documented impact i...
CVE-2017-1002026
Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function editeventcategory does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement...