RSS   Vulnerabilities for 'Wp-advanced-search'   RSS

2020-05-05
 
CVE-2020-12104

CWE-89
 

 
The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation.

 


Copyright 2024, cxsecurity.com

 

Back to Top