Vulnerable to SQL Injection | WordPress.org

Resolved Mehraz Morshed
(@mehrazmorshed)

11 months, 1 week ago

The plugin is vulnerable to SQL Injection via the ‘attribute_value_filter’ parameter.

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Support Akash
(@akashelex)

11 months, 1 week ago

Hi @mehrazmorshed

Thank you for bringing this to our attention.

We acknowledge the issue you’ve reported regarding a potential SQL Injection vulnerability via the attribute_value_filter parameter in our plugin. Our development team is actively investigating this on our end, and we’re treating it with the highest priority. A fix will be included in an upcoming release, which we aim to make available soon.

Please feel free to reach out if you have any additional information or concerns in the meantime.

Thread Starter Mehraz Morshed
(@mehrazmorshed)

11 months, 1 week ago

Thanks for the update.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Vulnerable to SQL Injection’ is closed to new replies.

Tags

vulnerable

3 replies
2 participants
Last reply from: Mehraz Morshed
Last activity: 11 months, 1 week ago
Status: resolved