CVE-2017-20244 | Wow-Company Wow Forms 2.1 on WordPress POST Parameter admin-ajax.php send_mwp_form mwpformid sql injection (Exploit 41922)

A vulnerability categorized as critical has been discovered in Wow-Company Wow Forms 2.1 on WordPress. This impacts the function send_mwp_form of the file admin-ajax.php of the component POST Parameter Handler. The manipulation of the argument mwpformid results in sql injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is known as CVE-2017-20244. It is possible to launch the attack remotely. Furthermore, an exploit is available.VulDB Recent EntriesRead More