The WP Fundraising Donation and Crowdfunding Platform WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via one of it’s REST route, leading to an SQL injection exploitable by unauthenticated usersRead More