Back
WordPress Events Manager plugin <= 5.9.7.3 - SQL Injection (SQLi) vulnerability
- Product
- Events Manager
- Description
- SQL Injection (SQLi) vulnerability found by Antony Garand in WordPress Events Manager plugin (versions <= 5.9.7.3).
- Solution
- Update the WordPress Events Manager plugin to the latest available version (at least 5.9.8).
- Classification
-
Type SQL Injection
OWASP Top 10 A1: Injection
- References
-
Plugin changelog
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 5.9.7.3
Fixed In 5.9.8
- Disclosure date
- 2020-11-30
- Credits
- Antony Garand