โ† Back to Dashboard

CVE-2017-20243

HIGH NVD
CVSS Score
8.2
Severity
HIGH
Source
NVD
Published
Jun 09, 2026
Description

WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the space_id parameter. Attackers can send GET requests to the booking-page endpoint with malicious space_id values using AND SLEEP() payloads to extract sensitive database information.

View Full Details โ† Back