Support » Plugin: Easy Filter » SQL-injection

  • This plugin has a SQL-injection vulnerability in at least Filter.php appendWhere -function. Date range $_GET[] are not being sanitized and are appended with through posts_where filter.

Viewing 1 replies (of 1 total)
  • Plugin Author Roni Saha

    (@ronisaha)

    Thanks for the review.
    The vulnerability was fixed at V1.6. You can give it another try.

    Thanks

Viewing 1 replies (of 1 total)
  • The topic ‘SQL-injection’ is closed to new replies.