Description
An SQL Injection vulnerability exists in the league_id parameter of a function call made by the leaguemanager_export page.
Recommendation
To mitigate the risk, update the affected plugin to a secure version. If an update is not available or feasible, consider removing the plugin from your WordPress installation.
References
Related Issues
- WordPress Plugin Smart Google Code Inserter 3.5 SQLI - CVE-2018-3810
- WordPress Plugin Google Document Embedder 2.5.16 SQLI - CVE-2014-9173
- WordPress Plugin Google Document Embedder 2.5.14 SQLI - CVE-2014-9173
- WordPress Plugin Forum Server 1.7 SQLI - CVE-2012-6625
- Tags:
- Wordpress
- SQL Injection
Anything's wrong? Let us know Last updated on May 13, 2024