Security Advisory

CVE-2020-13640

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-18 14:34:05
Last updated 2024-08-04 12:25:16
Assigner mitre
State PUBLISHED

Description

A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. (No 7.x versions are affected.)