The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
out_of_stock_message_for_woocommerce | le | 1.0.4 |