ThreatPress

WordPress Vulnerabilities Database

Back

WordPress JoomSport plugin <= 3.3 - SQL Injection (SQLi) vulnerability

Product
JoomSport
Description
SQL Injection (SQLi) vulnerability found by Pablo Santiago in WordPress JoomSport plugin (versions <= 3.3).
Solution
Update the WordPress JoomSport plugin to the latest available version (at least 3.4).
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-2019-14348
Versions
Affected In <= 3.3
Fixed In 3.4
Disclosure date
2019-08-08
Credits
Pablo Santiago
Submitter
ThreatPress