Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg 2.7.9.3

  • Severity: high-risk
  • Status: Open
  • Publication: March 20, 2023

The Groundhogg plugin for WordPress is not secure and may allow attackers to access sensitive information in the database. This issue affects versions up to version 2.7.9.3. The problem occurs because the plugin does not properly protect user-supplied parameters and does not prepare existing SQL queries in a secure way.

Detected in:

Groundhogg — CRM, Newsletters, and Marketing Automation fixed vulnerable versions:
WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg open vulnerable versions: >= * <= 2.7.9.3

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.