Tag
The DirectoryPress WordPress plugin before 3.6.26 is vulnerable to unauthenticated SQL Injection via the 'packages' parameter, allowing attackers to extract sensitive database information.