VYPR
Unrated severityNVD Advisory· Published May 5, 2020· Updated Aug 4, 2024No known patch

CVE-2020-12104

CVE-2020-12104

Description

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.