PT-2017-11014 · Unknown · Add-Edit-Delete-Listing-For-Member-Module
Larry W. Cashdollar +1 · Published 2017-09-14 · Updated 2017-09-21 · CVE-2017-1002025
CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
add-edit-delete-listing-for-member-module version 1.0
Description
The plugin author did not sanitize user-supplied input in the $act variable before passing it into an SQL statement, which can lead to SQL injection.
Recommendations
For version 1.0, ensure that user input, specifically the $act variable, is properly sanitized before it is used in SQL statements, to prevent injection attacks. Consider validating and escaping user input to minimize the risk of exploitation.
Exploit
Fix
SQL injection
Weakness Enumeration
Related Identifiers
Affected Products
Add-Edit-Delete-Listing-For-Member-Module
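The Recommendations above, as an added example that is not the plugin's code: the advisory does not show how $act is used, so this assumes it carries a numeric record id compared in a WHERE clause. The table `listings`, its columns, the helpers `validate_act` and `find_listing`, and the in-memory SQLite database are all hypothetical.

```php
<?php
declare(strict_types=1);

// Pattern the advisory describes (hypothetical query, shown only as a comment):
//   $sql = "SELECT id, title FROM listings WHERE id = $act";   // input becomes SQL text
// Hardened form below: validate first, then bind the value as a parameter.

/** Accept $act only if it is a positive integer (assumed meaning of $act). */
function validate_act(mixed $raw): int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('act must be a positive integer');
    }
    return $id;
}

/** Look up one row; the value travels as a bound parameter, never as SQL text. */
function find_listing(PDO $db, mixed $act): ?array
{
    $id = validate_act($act);
    $stmt = $db->prepare('SELECT id, title FROM listings WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE listings (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO listings (title) VALUES ('First listing'), ('Second listing')");

// Constructed inputs: one valid id, one unknown id, two malformed values.
foreach (['2', '99', '2 extra', "x'y"] as $act) {
    try {
        $row = find_listing($db, $act);
        echo 'act=', var_export($act, true), ' -> ', $row ? $row['title'] : 'no row', "\n";
    } catch (InvalidArgumentException $e) {
        echo 'act=', var_export($act, true), ' rejected: ', $e->getMessage(), "\n";
    }
}
```

If $act is instead a keyword such as an action name, the same structure applies with `validate_act` checking the value against a fixed allow-list of expected strings.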