Exploit Title : WordPress ProPlayer Plugin SQL Injection
you must sanitize the id parameter in playlist-controller.php
Also why on earth are you connecting directly to mySQL? you must use wordpress functions to access it.
- The topic ‘A Vulnerability in this plugin was published. update ASAP’ is closed to new replies.