The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the 'ID' parameter of its 'lwp_forgot_password' action.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| login_with_phone_number_project | login_with_phone_number | * |