The Ultimate Product Catalog plugin for WordPress had a security issue in versions before 4.2.3. This issue made it possible for attackers who were logged in to the website to get access to sensitive information from the database. This was because the plugin did not properly escape user supplied data and did not properly prepare existing SQL queries.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
