The plugin does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, which is available to any authenticated user, leading to SQL injection.
https://example.com/wp-admin/admin-ajax.php?action=apvc_reset_count_art&artID=sleep(10)
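A detection check for the request shown above, as an added example that is not part of the original advisory or the plugin's code: it scans web access-log lines for calls to the apvc_reset_count_art action whose artID is not a plain decimal integer. It assumes artID is meant to be a numeric ID and that the request arrives as a GET query string (POST bodies do not appear in access logs); the log lines and the function name are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [29/Mar/2022:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=apvc_reset_count_art&artID=42 HTTP/1.1" 200 12 "-" "Mozilla/5.0"
203.0.113.9 - - [29/Mar/2022:10:00:07 +0000] "GET /wp-admin/admin-ajax.php?action=apvc_reset_count_art&artID=sleep(10) HTTP/1.1" 200 12 "-" "curl/7.81"
203.0.113.9 - - [29/Mar/2022:10:00:30 +0000] "GET /wp-admin/admin-ajax.php?artID=sleep%2810%29&action=apvc_reset_count_art HTTP/1.1" 200 12 "-" "curl/7.81"
198.51.100.2 - - [29/Mar/2022:10:01:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat&artID=abc HTTP/1.1" 200 5 "-" "Mozilla/5.0"
198.51.100.2 - - [29/Mar/2022:10:01:05 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 5 "-" "Mozilla/5.0"
"""

# Client IP, method and request target from a combined-format log line.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
ACTION = "apvc_reset_count_art"
INTEGER_RE = re.compile(r"[0-9]+")  # assumption: a legitimate artID is a decimal integer


def suspicious_requests(log_text):
    """Return (ip, decoded artID) for calls to the action with a non-integer artID."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        url = urlsplit(m.group("target"))
        if not url.path.endswith("/wp-admin/admin-ajax.php"):
            continue
        # parse_qs URL-decodes values, so encoded input is compared in decoded form.
        params = parse_qs(url.query, keep_blank_values=True)
        if ACTION not in params.get("action", []):
            continue
        for value in params.get("artID", []):
            if not INTEGER_RE.fullmatch(value):
                hits.append((m.group("ip"), value))
    return hits


if __name__ == "__main__":
    for ip, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ip} sent non-integer artID: {value!r}")
```
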
Krzysztof Zając
Yes
2022-03-29
2022-04-08