WordPress Plugin LeagueManager 3.8 SQLI
Impact: High
Description
An SQL Injection vulnerability exists in the league_id
parameter of a function call made by the leaguemanager_export
page
Recommendation
Update or remove the affected plugin.
References
- LeagueManager
- CVE-2013-1852
- WordPress
- OWASP 2017-A9
- OWASP 2021-A6
- CWE-89
- OWASP 2017-A1
- OWASP 2021-A3
- CWE-20
👉 You might also like:
WordPress Plugin AdRotate 3.6.5 SQLI - CVE-2011-4671
WordPress Plugin AdRotate 3.6.6 SQLI - CVE-2011-4671
WordPress Plugin AdRotate 3.9.4 SQLI - CVE-2014-1854
WordPress Plugin All Video Gallery 1.1 SQLI - CVE-2012-6653
Last updated on August 07, 2021