2024-11-21 06:00:10
WPScan
PUBLISHED
The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the load_orders parameter and uses it in a SQL statement, allowing high privilege users such as admin to perform SQL Injection attacks