Description
SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
Remediation
References
Related Vulnerabilities
Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-29445)
Squid NULL Pointer Dereference Vulnerability (CVE-2018-1000027)
Zikula Cryptographic Issues Vulnerability (CVE-2010-4728)
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
WordPress Plugin Garee's Flickr Feed Multiple Cross-Site Scripting Vulnerabilities (0.8)