CVE-2015-9451

Name of the Vulnerable Software and Affected Versions plugmatter-optin-feature-box-lite plugin version 2.0.13 and earlier

Description The issue concerns a SQL injection vulnerability. It affects the wp-admin/admin-ajax.php endpoint, specifically the action=pmfb mailchimp and the pmfb tid parameter.

Recommendations For versions prior to 2.0.14, update to version 2.0.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the wp-admin/admin-ajax.php endpoint with the action=pmfb mailchimp and the pmfb tid parameter until the update is applied.