SQL Injection Vulnerability in Search Everything for WordPress
CVE-2016-10917
9.8CRITICAL
What is CVE-2016-10917?
The Search Everything plugin for WordPress, before version 8.1.6, is susceptible to SQL injection attacks due to improper handling of empty search strings. This vulnerability can potentially allow attackers to execute arbitrary SQL commands, which may compromise the integrity and security of the database. It is essential for users of this plugin to update to the latest version to mitigate this risk.