2019-09-26 03:33:49
mitre
PUBLISHED
The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.