RSS   Vulnerabilities for 'Wow forms'   RSS

2021-11-08
 
CVE-2021-24628

CWE-89
 

 
The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection

 

 >>> Vendor: Wow-company 7 Products
Wow forms
Modal window
Wpcalc
Wp coder
Button generator
Wow countdowns
Counter box


Copyright 2024, cxsecurity.com

 

Back to Top