2021-10-25 13:20:48
WPScan
PUBLISHED
The Game Server Status WordPress plugin through 1.0 does not validate or escape the server_id parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page