$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin
Wordfence www.wordfence.com
On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in Email Subscribers by Icegram Express, a WordPress plugin with more than 90,000 active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as password hashes. Props to Arkadiusz Hydzik ...