CVE: CVE-2017-1002010

Descrizione: Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn’t sanitize user input via recordId in the delete_media function.

Vettore di attacco

Riferimenti esterni

• http://www.vapidlabs.com/advisory.php?v=188
• http://membership.officeautopilot.com/get-it-now/

Prodotti interessati

• ontraport – Membership Simplified

Relazioni con altri prodotti

Produttore:ontraport
Prodotto: Membership Simplified
Anno: 2017
CWE:
CVSS: 0.0