Tag
The Creative Mail plugin for WordPress is vulnerable to SQL Injection due to insufficient escaping of the 'checkout_uuid' parameter and lack of sufficient preparation on the SQL query in the `has_checkout_consent()` method, allowing unauthenticated attackers to extract sensitive information from the database.