cve/CVE-2022-1950.md at e67cd2fdb0a3b693c8a19c46acadbde4fe3ee9dd

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-16 20:27:21 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection

POC

Reference

https://wpscan.com/vulnerability/4352283f-dd43-4827-b417-0c55d0f4637d

Github

https://github.com/cyllective/CVEs

874 B Raw Blame History

CVE-2022-1950

Description

POC

Reference

Github

874 B

Raw Blame History