CVE-2018-5372

CVE: CVE-2018-5372
Published: 2018-01-12T09:29Z
Vendor: slidervilla
Products: testimonial_slider
Versions: 1.2.4,
Description Language: en
Description: The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
References:
http://www.defensecode.com/advisories/DC-2018-01-005_WordPress_Testimonial_Slider_Plugin_Advisory.pdf