CVE-2017-1002004

Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt