VYPR

Filebird Plugin

by WordPress

CVEs (1)

  • CVE-2021-24385CriJul 12, 2021
    risk 0.64cvss 9.8epss 0.03

    The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request. This is a major vulnerability as the user input is not escaped and passed directly to the get_col function and it allows SQL…