SQL Injection Vulnerability in iThemes Security Plugin for WordPress

CVE-2018-12636

The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.

Learn more about our Wordpress Pen Testing.