Описание
A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-13571
- https://fortiguard.com/zeroday/FG-VD-19-093
- https://github.com/beerpwn/ctf/blob/master/CVE/CVE-2019-13571/report.pdf
- https://github.com/beerpwn/ctf/tree/master/CVE/CVE-2019-13571
- https://plugins.trac.wordpress.org/changeset/2123623
- https://wordpress.org/plugins/advanced-cf7-db/#developers
- https://wpvulndb.com/vulnerabilities/9479
Связанные уязвимости
CVSS3: 9.8
nvd
больше 6 лет назад
A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.