### [CVE-2022-0190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0190)
![](https://img.shields.io/static/v1?label=Product&message=Ad%20Invalid%20Click%20Protector%20(AICP)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.2.6%3C%201.2.6%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)

### Description

The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action.

### POC

#### Reference
- https://wpscan.com/vulnerability/ae322f11-d8b4-4b69-9efa-0fb87475fa44
- https://wpscan.com/vulnerability/ae322f11-d8b4-4b69-9efa-0fb87475fa44

#### Github
- https://github.com/ARPSyndicate/cvemon