Plugin <= 2.8.2 is vulnerable to SQL Injection | ww.wp.xz.cn

Resolved dooza
(@dooza)

1 year, 9 months ago

Today I got a notification from Solid Security saying WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 is vulnerable to SQL Injection. You can see here: https://patchstack.com/database/vulnerability/ti-woocommerce-wishlist/wordpress-ti-woocommerce-wishlist-plugin-2-8-2-sql-injection-vulnerability?_a_id=431 that it’s likely to be exploited. Can you let me know you are aware and that a fix is on the way?

Viewing 1 replies (of 1 total)

Plugin Author templateinvaders
(@templateinvaders)

1 year, 7 months ago

We have updated this plugin to version 2.9.0, which includes fixes for SQL injection vulnerabilities. We strongly recommend updating your setup to the latest version!

Viewing 1 replies (of 1 total)

The topic ‘Plugin <= 2.8.2 is vulnerable to SQL Injection’ is closed to new replies.

Tags

sql injection

3 replies
6 participants
Last reply from: templateinvaders
Last activity: 1 year, 7 months ago
Status: resolved