Important: Update App Builder to Version 4.3.4 or Later to Fix ‘app-builder-search’ Parameter SQL Injection Vulnerability
The vulnerability only affects websites where FULLTEXT search has been manually enabled for the post_title and post_content columns. This is done using the following SQL command: This issue is specific to tables with the wp_ prefix. Potential Risk: If FULLTEXT search is enabled for post_title and post_content in your database, an attacker could potentially access … Read more