The MultiParcels Shipping plugin for WordPress had a security issue in versions up to and including 1.14.12. This vulnerability, called a SQL Injection, allowed attackers with subscriber-level permissions to extract sensitive information from the database. The issue was fixed in 1.14.13, but an improved, more secure patch was released in version 1.14.15.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
