WordPress · Wp Google Review Slider · CVE-2019-25745
**Name of the Vulnerable Software and Affected Versions**
Google Review Slider version 6.1
**Description**
A time-based blind SQL injection allows unauthenticated attackers to manipulate database queries. By sending GET requests to the admin interface with malicious values in the `tid` parameter, attackers can extract sensitive database information. Time-based blind SQL injection is a technique where the attacker asks the database true or false questions and determines the answer based on the time the server takes to respond.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.