Descrição
Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. This attack appear to be exploitable via web site, without login. This vulnerability appears to have been fixed in 9.0.3 and later.
Software
Não informado
Tipo Software
Core
CVE
CVE-2018-1000131
Tags
Nâo informado
Data de publicação
14/03/2018
Última atualização
08/12/2024
Pontuação em CVSS 3.0
---
Não medido