Vulnerability Details CVE-2017-1002010
Vulnerability in wordpress plugin Membership Simplified v1.58, The code in membership-simplified-for-oap-members-only/updateDB.php is vulnerable to blind SQL injection because it doesn't sanitize user input via recordId in the delete_media function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.06
EPSS Ranking 90.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2017-1002010
-
cpe:2.3:a:ontraport:membership_simplified:1.58