Filtered by vendor Datainterlock
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1689 | 1 Datainterlock | 1 Note Press | 2024-02-28 | 4.0 MEDIUM | 2.7 LOW |
| The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection | |||||
| CVE-2022-1688 | 1 Datainterlock | 1 Note Press | 2024-02-28 | 4.0 MEDIUM | 2.7 LOW |
| The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections | |||||
| CVE-2022-1690 | 1 Datainterlock | 1 Note Press | 2024-02-28 | 4.0 MEDIUM | 2.7 LOW |
| The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection | |||||
| CVE-2017-18548 | 1 Datainterlock | 1 Note Press | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The note-press plugin before 0.1.2 for WordPress has SQL injection. | |||||