CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 1CVE-2017-1002009 – Membership Simplified <= 1.58 - SQL Injection
https://notcve.org/view.php?id=CVE-2017-1002009
17 Mar 2017 — Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete function. Existe una vulnerabilidad en el plugin Membership Simplified v1.58 de WordPress. El código en membership-simplified-for-oap-members-only/updateDB.php es vulnerable a inyecciones SQL a ciegas porque no sanitiza los valores de entrada del usuario mediante recordId en la... • http://membership.officeautopilot.com/get-it-now • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 1CVE-2017-1002010 – Membership Simplified <= 1.58 Beta - SQL Injection
https://notcve.org/view.php?id=CVE-2017-1002010
17 Mar 2017 — Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function. Existe una vulnerabilidad en el plugin Membership Simplified v1.58 de WordPress. El código en membership-simplified-for-oap-members-only/updateDB.php es vulnerable a inyecciones SQL a ciegas porque no sanitiza los valores de entrada del usuario mediante recordId... • http://membership.officeautopilot.com/get-it-now • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •