ThreatPress

WordPress Vulnerabilities Database

Back

WordPress User Control plugin <=2.1.0 - Unauthenticated SQL Injection (SQLi) vulnerability

Product
User Control
Description
Unauthenticated SQL Injection (SQLi) vulnerability found by JustThomas in WordPress User Control plugin (versions <=2.1.0).
Solution
This plugin has been closed and is no longer available for download. Please deactivate and delete.
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
Plugin page
CVE
Name CVE-N/A
Versions
Affected In <=2.1.0
Disclosure date
2018-01-30
Credits
JustThomas
Submitter
ThreatPress