WordPress Search Logger plugin <= 0.9 - Authenticated SQL Injection (SQLi) vulnerability
CVSS 3.1 score
Not reported to be exploited
OWASP Top 10
Requires high role user authentication like admin.
Patchstack vPatch available since
Authenticated SQL Injection (SQLi) vulnerability discovered by Mika in WordPress Search Logger plugin (versions <= 0.9).
Deactivate and delete. This plugin has been closed as of September 5, 2022 and is not available for download. This closure is temporary, pending a full review.