Description
SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows remote attackers to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.
Remediation
References
Related Vulnerabilities
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5447)
WordPress Plugin Social Connect Cross-Site Scripting (1.0.4)
MySQL CVE-2023-22092 Vulnerability (CVE-2023-22092)
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.1)
WordPress Plugin College publisher Import Arbitrary File Upload (0.1)