mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-31 10:40:54 +00:00
770 B
770 B
CVE-2022-0411
Description
The Asgaros Forum WordPress plugin before 2.0.0 does not sanitise and escape the post_id parameter before using it in a SQL statement via a REST route of the plugin (accessible to any authenticated user), leading to a SQL injection
POC
Reference
Github
No PoCs found on GitHub currently.