Description
SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4.5.4 allows remote authenticated administrators to execute arbitrary SQL commands via the tableprefix parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin BuddyBoss Media Cross-Site Scripting (3.2.3)
WordPress Plugin MiwoEvents-Manage & Book Events Unspecified Vulnerability (1.2.0)
Oracle Database Server CVE-2016-5516 Vulnerability (CVE-2016-5516)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Unspecified Vulnerability (2.11.0)
Squid Improper Privilege Management Vulnerability (CVE-2019-12522)