2019-08-22 12:13:05
mitre
PUBLISHED
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.