RSS   Podatności dla 'Note press'   RSS

2022-06-08
 
CVE-2022-1688

CWE-89
 

 
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections

 
 
CVE-2022-1689

CWE-89
 

 
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection

 
 
CVE-2022-1690

CWE-89
 

 
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection

 
2019-08-16
 
CVE-2017-18548

CWE-89
 

 
The note-press plugin before 0.1.2 for WordPress has SQL injection.

 


Copyright 2024, cxsecurity.com

 

Back to Top