Product
WP AutoSuggest version 0.24 contains an SQL injection vulnerability that allows an unauthenticated attacker to execute arbitrary SQL queries by injecting malicious code through the wpas_keys parameter via GET requests to autosuggest.php, potentially extracting sensitive database information.