Description
The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-14663 Vulnerability (CVE-2020-14663)
WordPress Plugin WPS Hide Login Cross-Site Request Forgery (1.0)
WordPress Plugin Slider Hero with Animation, Video Background Cross-Site Request Forgery (8.2.0)
WordPress Plugin WP Subscribe Cross-Site Scripting (1.0.2)
WordPress Plugin MailPoet Newsletters (Previous) SQL Injection (2.2)