Source |
CVE Liste |
Identifiant |
7674017 |
Date de publication |
2022-10-25 17:15:56 (vue: 2022-10-25 18:10:12) |
Titre |
CVE-2022-3300 |
Texte |
The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin |
Envoyé |
Oui |
Condensat |
10web 2022 3300 admin before cve does escape exploitable form high injection leading maker not parameter plugin privilege properly sanitise sql statement such users using wordpress |
Tags |
Guideline
|
Stories |
|
Notes |
|
Move |
|