CVE-2020-36626 – Modern Tribe Panel Builder Plugin SearchFilter.php add_post_content_filtered_to_search_sql sql injection

https://notcve.org/view.php?id=CVE-2020-36626

A vulnerability classified as critical has been found in Modern Tribe Panel Builder Plugin. Affected is the function add_post_content_filtered_to_search_sql of the file ModularContent/SearchFilter.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/moderntribe/panel-builder/commit/4528d4f855dbbf24e9fc12a162fda84ce3bedc2f https://github.com/moderntribe/panel-builder/pull/173 https://vuldb.com/?id.216738 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-707: Improper Neutralization •