1 results (0.003 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter. El plugin awesome-filterable-portfolio versiones anteriores a 1.9 para WordPress, presenta una inyección SQL de la función afp_get_new_category_page por medio del parámetro cat_id. • http://cinu.pl/research/wp-plugins/mail_082287dbf7a24d415ff71581fc248330.html https://wordpress.org/plugins/awesome-filterable-portfolio/#developers https://wpvulndb.com/vulnerabilities/8311 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •