The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
datainterlock note press |