ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Web Librarian plugin <= 3.5.4 - SQL Injection (SQLi) vulnerability

Product
WebLibrarian
Description
SQL Injection (SQLi) vulnerability found in WordPress Web Librarian plugin (versions <= 3.5.4).
Solution
Update the WordPress Web Librarian plugin to the latest available version (at least 3.5.5).
Classification
Type SQL Injection
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-2019-1010034
Versions
Affected In <= 3.5.4
Fixed In 3.5.5
Disclosure date
2019-08-21
Submitter
ThreatPress