mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-01 11:10:36 +00:00
777 B
777 B
CVE-2022-1688
Description
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections
POC
Reference
- https://bulletin.iese.de/post/note-press_0-1-10_1
- https://wpscan.com/vulnerability/63d4444b-9b04-47f5-a692-c6c6c8ea7d92
Github
No PoCs found on GitHub currently.