CVE-2017-9834
Summary: CVE-2017-9834 concerns the WordPress WatuPRO plugin (versions prior to 5.5.3.7). A SQL injection flaw exists in the watupro_submit action to wp-admin/admin-ajax.php, exploitable via the watupro_questions parameter. The vulnerability allows remote attackers to execute arbitrary SQL comman...