CVE-2018-3811

CVE-2018-3811

SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query.

Source: CVE-2018-3811

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다