A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and previous versions for WordPress allows remote malicious users to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. (No 7.x versions are affected.)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gvectors wpdiscuz |