Ap Page Builder, in versions lower than 1.7.8.2, could allow a remote attacker to send a specially crafted SQL query to the product_one_img parameter to retrieve the information stored in the database.
Publication date: Tue, 18 Jul 2023 17:15:00 +0000