The Ubigeo de Perú para Woocommerce WordPress plugin prior to 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ubigeo de peru para woocommerce project ubigeo de peru para woocommerce |