Profile Builder & Profile Builder Pro < 3.3.3 - Authenticated Blind SQL Injection

System : Plugin WordPress

Name system : Profile Builder & Profile Builder Pro

Link:  https://wordpress.org/plugins/profile-builder/

Version : < 3.3.3

Active downloads: 60.000 active downloads

Vulnerability Type : Blind SQL Injection Error-based

Proof of Concept : Waiting

Patch fixed :   https://plugins.trac.wordpress.org/changeset/2430275

Published:

https://wpscan.com/vulnerability/10491

Author: lenonleite

Leave a Reply

Your email address will not be published. Required fields are marked *