Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance 4.4.3.3

  • Severity: high-risk
  • Status: Fixed
  • Publication: November 9, 2023

The MainWP plugin for WordPress is vulnerable to a security issue called SQL Injection. This affects versions of the plugin up to and including 4.4.3.3. The issue is caused by not properly escaping user supplied data and not preparing an existing SQL query correctly. This makes it possible for people with administrator-level access to the plugin to add extra SQL queries that can be used to get sensitive information from the database.

Detected in:

MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance fixed vulnerable versions: >= * <= 4.4.3.3
MainWP Dashboard: WordPress Management without the SaaS fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.