Sqli

WP STATISTICS PLUGIN SQL INJECTION VULNERABILITY

Requirements: WP-Statistics Plugin Version <= 12.0.7 Least Permission account : Subscriber account (with post edit permission) Why it is easy to exploit? This vulnerability is caused by the lack of sanitization in user provided data. An attacker with at least a subscriber account could leak sensitive data and under the right circumstances/configurations compromise your WordPress in...

Tags: