WordPress plugin Realty Workstation SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. SQL injection vulnerability exists in versions prior to WordPress Realty Workstation plugin 1.0.15,...

PT-2022-14049 · WordPress · Realty Workstation

Name of the Vulnerable Software and Affected Versions: The Realty Workstation WordPress plugin versions prior to 1.0.15 Description: The issue arises from the lack of sanitization and escaping of the trans edit parameter before its use in a SQL statement when an agent edits a transaction, leading...