RSS   Vulnerabilities for 'Wp-email-users'   RSS

2022-03-14
 
CVE-2021-24959

CWE-89
 

 
The WP Email Users WordPress plugin through 1.7.6 does not escape the data_raw parameter in the weu_selected_users_1 AJAX action, available to any authenticated users, allowing them to perform SQL injection attacks.

 


Copyright 2024, cxsecurity.com

 

Back to Top