SQL Injection Vulnerability in Better Find and Replace WordPress Plugin

SQL Injection Vulnerability in Better Find and Replace WordPress Plugin

CVE-2022-1472 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection

Learn more about our Wordpress Pen Testing.