Cleverplugins: >> Seo Booster >> 3.3.24 Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com SEO Booster.This issue affects SEO Booster: from n/a through 3.8.9.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-15
The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL injections.
CVSS Score
7.2
EPSS Score
0.007
Published
2021-12-13