2 matches found
CVE-2016-20073 Answer My Question 1.3 Plugin WordPress SQL Injection via modal.php
Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract...
WordPress Plugin Answer My Question SQL Injection Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the id parameter of the modal.php page of the Wordpress plugin Answer My Question...