edit_row parameter before using it in an SQL query, which makes it possible for authenticated attackers with a role as low as administrator to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. WP Custom Cursors by Web_Trendy <= 3.0.0 - Authenticated (Administrator+) SQL Injection
REPORT ID: 02451c8b-6835-4142-9275-acaed518c60b
The plugin contains an SQL Injection vulnerability due to the plugin does not properly sanitize and escape the
You need to log in to view the vulnerability details.