SQL Injection Vulnerability in Note Press WordPress Plugin
CVE-2022-1688 · LOW Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections
Learn more about our Wordpress Pen Testing.