logo
DATABASE RESOURCES PRICING ABOUT US

Yes/No Chart < 1.0.12 - Authenticated (contributor+) Blind SQL Injection

Description

The plugin did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users (contributor+) to perform Blind SQL Injection attacks


Related