API security news
Main / CVE-2022-1688
CVE-2022-1688
Discription

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL InjectionsRead More

References

https://wpscan.com/vulnerability/63d4444b-9b04-47f5-a692-c6c6c8ea7d92https://bulletin.iese.de/post/note-press_0-1-10_1

Back to Main
Share

Twitter

Facebook
Subscribe for the latest news:

    • ID: CVE-2022-1688
    • Type: cve
    • Reporter: contact@wpscan.com
    • Modified: 2022-06-08 10:15:00
    CWE-89

    Categories

    • API Security
    • API
    • Bugbounty
    • CVE
    • GraphQL
    • gRPC
    • JSON-RPC
    • JSON Web Token
    • OAuth
    • SOAP
    • WebSocket
    • With threat indicators
    • WSDL
    • XML-RPC

    Gold sponsor:

    Wallarm logo
    Become a sponsor API-security.blog