SQL injection in Advanced Database Cleaner plugin for WordPress

CERT-LatestNews ThreatsCybercrime

Exploit availability: No Description. CWE-89 – Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) The vulnerability allows a remote user to execute arbitrary SQL queries in database. The vulnerability exists due to insufficient sanitization of user-supplied data.