Vulnerabilities (CVE)

Filtered by vendor Era404 Subscribe
Filtered by product Stafflist
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1556 1 Era404 1 Stafflist 2024-02-28 7.5 HIGH 9.8 CRITICAL
The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection