The GigPress WordPress plugin up to and including 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tri gigpress |