API security news
Main / CVE-2022-1689
CVE-2022-1689
Discription

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injectionRead More

References

https://wpscan.com/vulnerability/982f84a1-216d-41ed-87bd-433b695cec28https://bulletin.iese.de/post/note-press_0-1-10_2

Back to Main
Share

Twitter

Facebook
Subscribe for the latest news:

    • ID: CVE-2022-1689
    • Type: cve
    • Reporter: contact@wpscan.com
    • Modified: 2022-06-08 10:15:00
    CWE-89

    Categories

    • API Security
    • API
    • Bugbounty
    • CVE
    • GraphQL
    • gRPC
    • JSON-RPC
    • JSON Web Token
    • OAuth
    • SOAP
    • WebSocket
    • With threat indicators
    • WSDL
    • XML-RPC

    Gold sponsor:

    Wallarm logo
    Become a sponsor API-security.blog