WP Block and Stop Bad Bots < 6.88 - Unauthenticated SQLi
CVE-2021-25070
9.8CRITICAL
What is CVE-2021-25070?
The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue
Affected Version(s)
Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection 6.88