LearnDash < 3.1.6 - Unauthenticated SQL Injection

Affects Plugin

fixed in version 3.1.6

References

CVE 2020-6009
URL https://learndash.releasenotes.io/release/YBfaq-version-316

Classification

Type SQLI
OWASP Top 10 A1: Injection
CWE CWE-89

Miscellaneous

Views 1778
Verified No
WPVDB ID 10161

Timeline

Publicly Published 2020-04-01 (about 2 months ago)
Added 2020-04-02 (about 2 months ago)
Last Updated 2020-04-03 (about 2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin