CVE-2021-24728

Posted on by admin

CVE-2021-24728

The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages.

Source: CVE-2021-24728

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다