The SupportCandy WordPress plugin prior to 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated malicious users to perform SQL injection attacks
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
supportcandy supportcandy |