CVE-2018-5374

CVE: CVE-2018-5374
Published: 2018-01-12T09:29Z
Vendor: slidervilla
Products: dbox_slider
Versions: 1.2.2,
Description Language: en
Description: The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
References:
http://www.defensecode.com/advisories/DC-2017-01-003_WordPress_Dbox_3D_Slider_Lite_Plugin_Advisory.pdf