Blind SQL injection in coupon_code in the MemberMouse...
Critical severity
Unreviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Feb 2, 2023
Description
Published by the National Vulnerability Database
May 28, 2018
Published to the GitHub Advisory Database
May 14, 2022
Last updated
Feb 2, 2023
Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request.
References