The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
datainterlock note press |