The Wow Countdowns WordPress plugin up to and including 3.1.2 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wow-company wow countdowns |