VYPR

Location Manager

by WordPress

CVEs (1)

  • CVE-2021-24361CriJun 21, 2021
    risk 0.64cvss 9.8epss 0.02

    In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gd_popular_location_list did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues.