The WassUp plugin version 1.4 through 1.4.3 for WordPress contains several security flaws that may allow malicious users to execute unauthorized SQL commands. These vulnerabilities can be exploited by providing malicious input to the from_date and to_date parameters of the spy.php file. If exploited
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
