The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/9c608b14-dc5e-469e-b97a-84696fae804c | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-06-20 11:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-1472
Mitre link : CVE-2022-1472
CVE.ORG link : CVE-2022-1472
JSON object : View
Products Affected
codesolz
- better_find_and_replace
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')