Description
The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-34841 | The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks |
References
History
No history.
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2024-08-03T00:39:07.994Z
Reserved: 2022-08-01T00:00:00.000Z
Link: CVE-2022-2593
No data.
Status : Modified
Published: 2022-08-22T15:15:15.600
Modified: 2026-06-17T04:42:10.837
Link: CVE-2022-2593
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
EUVD