Portfolio categories: 2022

Visual Email Designer for WooCommerce up to version 1.7.2 does not sanitize some parameters before to use it to build SQL queries. This implies the presence of SQL injection vulnerabilities that can be exploited by users with "author" role.

WordPress plugin Build App Online up to version 1.0.18 does not correctly sanitize input parameters used to build SQL queries in an AJAX action. This results in the presence of an unauthenticated SQL injection vulnerability.