First published: Mon Feb 12 2024(Updated: )
The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
Credit: contact@wpscan.com
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.