SQL-injection

  • ak

    (@apkoponen)


    9 years, 3 months ago

    This plugin has a SQL-injection vulnerability in at least Filter.php appendWhere -function. Date range $_GET[] are not being sanitized and are appended with through posts_where filter.

Viewing 1 replies (of 1 total)
  • Plugin Author Roni Saha

    (@ronisaha)

    Thanks for the review.
    The vulnerability was fixed at V1.6. You can give it another try.

    Thanks

Viewing 1 replies (of 1 total)
  • The topic ‘SQL-injection’ is closed to new replies.