Vulnerabilities > Calendarscripts > Watupro

DATE CVE VULNERABILITY TITLE RISK
2017-09-07 CVE-2017-9834 SQL Injection vulnerability in Calendarscripts Watupro 5.5.1
SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php.
network
low complexity
calendarscripts CWE-89
7.5