ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Testimonial Slider plugin <=1.2.4 - Authenticated SQL Injection vulnerability

Product
Testimonial Slider
Description
Authenticated SQL Injection vulnerability found by DefenceCode in WordPress Testimonial Slider plugin (versions <=1.2.4).
Solution
Update the WordPress Testimonial Slider plugin to the latest version (at least 1.2.5).
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=1.2.4
Fixed In 1.2.5
Disclosure date
2018-01-11
Credits
DefenseCode
Submitter
ThreatPress