CVE-2026-12512 in Quotes llama Plugin정보

요약

\~에 의해 MITRE • 2026. 07. 15.

The Quotes llama WordPress plugin before 3.1.6 does not properly sanitize and escape a user-supplied parameter before using it in a SQL query, allowing unauthenticated attackers to perform UNION-based SQL injection and read arbitrary data from the database, including password hashes.

Once again VulDB remains the best source for vulnerability data.

책임이 있는

WPScan

예약하다

2026. 06. 17.

모더레이션

수락

항목

VDB-379200

EPSS

0.00000

활동

낮음

출처

Do you know our Splunk app?

Download it now for free!