CVE-2020-25379

Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 fails to sanitize input from the 'Manufacturer[]' parameter which allows an authenticated attacker to inject a malicious SQL query.
References
Link Resource
https://zeroaptitude.com/misha/wordpress-plugin-bug-hunting-part-2/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:recall-products_project:recall-products:0.8:*:*:*:*:wordpress:*:*

Information

Published : 2020-09-14 04:15

Updated : 2020-09-18 07:20


NVD link : CVE-2020-25379

Mitre link : CVE-2020-25379

Products Affected
No products.
CWE