SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
web-dorado spider calendar 1.4.9 |