The slickquiz plugin through 1.3.7.1 for WordPress allows SQL Injection by Subscriber users, as demonstrated by a /wp-admin/admin.php?page=slickquiz-scores&id= or /wp-admin/admin.php?page=slickquiz-edit&id= or /wp-admin/admin.php?page=slickquiz-preview&id= URI.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-13T12:19:23
Updated: 2024-08-04T23:24:38.804Z
Reserved: 2019-06-01T00:00:00
Link: CVE-2019-12516
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-13T13:15:11.197
Modified: 2019-10-29T21:00:45.427
Link: CVE-2019-12516
Redhat
No data.