Sirv 1.3.1 Plugin For WordPress
Homepage: https://wordpress.org/plugins/sirv/

Description: $_POST['id'] is not escaped. sirv_get_row_by_id() is accessible to every registered user.

File / Code:

    add_action('wp_ajax_sirv_get_row_by_id', 'sirv_get_row_by_id');

    function sirv_get_row_by_id(){
        if(!(is_array($_POST) && isset($_POST['row_id']) && defined('DOING_AJAX') && DOING_AJAX)){
            return;
        }
        global $wpdb;
        $table_name = $wpdb->prefix . 'sirv_shortcodes';
        $id = $_POST['row_id'];
        $row = $wpdb->get_row("SELECT * FROM $table_name WHERE id …
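A hardened rewrite of the handler, added here as an example and not the plugin's own code: it assumes the query compares the table's id column against the submitted row_id, and the nonce name 'sirv_ajax_nonce' and the 'manage_options' capability are assumptions. It adds a nonce check, a capability check, integer coercion, and a prepared statement so the value can no longer reach the query as raw SQL.

```php
<?php
// Added example: hardened version of the handler shown above. Not the
// plugin's code; the query shape (id = row_id) is an assumption.
add_action('wp_ajax_sirv_get_row_by_id', 'sirv_get_row_by_id_hardened');

function sirv_get_row_by_id_hardened() {
    // Only honour requests that carry a valid nonce for this action.
    // 'sirv_ajax_nonce' is an assumed name; the page script would have
    // to emit it with wp_create_nonce() and post it as 'nonce'.
    check_ajax_referer('sirv_ajax_nonce', 'nonce');

    // Restrict the endpoint to users allowed to manage the plugin's
    // data instead of every logged-in account ('manage_options' assumed).
    if (!current_user_can('manage_options')) {
        wp_send_json_error('forbidden', 403);
    }

    if (!isset($_POST['row_id'])) {
        wp_send_json_error('missing row_id', 400);
    }

    // Coerce to a non-negative integer; anything that is not a plain
    // number becomes 0 and is rejected before touching the database.
    $id = absint($_POST['row_id']);
    if ($id === 0) {
        wp_send_json_error('invalid row_id', 400);
    }

    global $wpdb;
    $table_name = $wpdb->prefix . 'sirv_shortcodes';

    // Bind the value through $wpdb->prepare() so it is never interpreted
    // as SQL. The table name comes from the trusted prefix, not from
    // user input, so interpolating it is safe here.
    $row = $wpdb->get_row(
        $wpdb->prepare("SELECT * FROM {$table_name} WHERE id = %d", $id),
        ARRAY_A
    );

    if ($row === null) {
        wp_send_json_error('not found', 404);
    }

    // wp_send_json_* functions terminate the request, so no return is needed.
    wp_send_json_success($row);
}
```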