Tag

CVE-2018-25352

1 brief RSS

WordPress Ultimate Form Builder Lite Plugin SQL Injection Vulnerability

WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability (CVE-2018-25352) that allows authenticated attackers to manipulate database queries by injecting SQL code through the entry_id POST parameter, potentially leading to privilege escalation.

Ultimate Form Builder Lite plugin <= 1.3.7 sqli wordpress plugin CVE-2018-25352

2r 1t 1c 1h ago