Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WP Cookie User Info < 1.0.9 - Admin+ SQL Injection
Vulnerability Description
The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
WordPress plugin SQL注入漏洞
Vulnerability Description
WordPress plugin是WordPress开源的一个应用插件。 Wordpress Plugin Cookie Notification Plugin 中存在SQL注入漏洞,该漏洞源于产品在编辑管理员面板操作时未对Get请求中的id参数中的特殊字符做有效验证。攻击者可通过该漏洞执行恶意SQL语句。以下产品及版本受到影响:Wordpress Plugin Cookie Notification Plugin 1.0.9 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A