CVE-2021-24778

The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...

WordPress plugin Tradetracker-Store SQL注入漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Tradetracker-Store has a SQL injection vulnerability, which stems from the fact that the test parameters o...