Security Advisory

CVE-2020-24315

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-26 13:04:48

Last updated 2024-08-04 15:12:08

Assigner mitre

State PUBLISHED

Description

Vinoj Cardoza WordPress Poll Plugin v36 and lower executes SQL statement passed in via the pollid POST parameter due to a lack of user input escaping. This allows users who craft specific SQL statements to dump the entire targets database.

← Browse all CVEs View on cve.org ↗