The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-06-06T08:51:17

Updated: 2024-08-03T00:10:03.810Z

Reserved: 2022-05-12T00:00:00

Link: CVE-2022-1684

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-06-08T10:15:10.173

Modified: 2024-11-21T06:41:14.933

Link: CVE-2022-1684

cve-icon Redhat

No data.