{"vulnerability": "CVE-2020-27481", "sightings": [{"uuid": "ea869203-ae24-4ece-b4be-8d3a8c2ceeaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27481", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3likodqfchp25", "content": "", "creation_timestamp": "2025-02-19T21:02:34.186010Z"}, {"uuid": "19deadd5-ab71-4b8b-9791-0b424793fea0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27481", "type": "seen", "source": "https://t.me/cibsecurity/16209", "content": "\u203c CVE-2020-27481 \u203c\n\nAn unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the usage of \"wp_ajax_nopriv\" call in WordPress, which allows any unauthenticated user to get access to the function \"gdlr_lms_cancel_booking\" where POST Parameter \"id\" was sent straight into SQL query without sanitization.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T16:31:42.000000Z"}]}