Intuitive Custom Post Order
1 CVEs
product
Monthly
The Intuitive Custom Post Order plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.1.4.1, due to insufficient escaping on the user supplied 'objects' and 'tags'. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
SQLi
WordPress
Intuitive Custom Post Order
NVD
VulDB
CVSS 3.1
6.6
EPSS
0.1%
EPSS 0%
CVSS 6.6
MEDIUM
PATCH
This Month
The Intuitive Custom Post Order plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.1.4.1, due to insufficient escaping on the user supplied 'objects' and 'tags'. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
SQLi
WordPress
Intuitive Custom Post Order
NVD
VulDB