logo
DATABASE RESOURCES PRICING ABOUT US

Slider by 10Web < 1.2.36 - Multiple Authenticated SQL Injection

Description

The bulk_action, export_full and save_slider_db functionalities of the plugin were vulnerable, allowing a high privileged user (Admin), or medium one such as Contributor+ (if "Role Options" is turn on for other users) to perform a SQL Injection attacks.


Related