The Email Before Download WordPress plugin prior to 6.8 does not properly validate and escape the order and orderby GET parameters before using them in SQL statements, leading to authenticated SQL injection issues
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mandsconsulting email before download |