The Vibes plugin for WordPress has a security issue that allows attackers to access sensitive information from the database. This is because the plugin does not properly protect against time-based SQL Injection, which means that unauthorized users can add their own malicious code to the existing queries. This vulnerability exists in all versions of the plugin up to 2.2.0.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
