Vendor SiteGround
Affected product SiteGround Security (wordpress plugin)
Affected versions <=1.3.0
Vulnerability type CWE-89: SQL Injection
Description SiteGround Security of the affected version has multilpe parts of code that do not properly sanitize user inputs, leading to SQL injection. An attacker may need admin privilege to cause this attack.
Status Fixed
Reporter So Sakaguchi, GMO Cybersecurity by Ierae, Inc.