SQL Injection Vulnerability in Note Press WordPress Plugin

SQL Injection Vulnerability in Note Press WordPress Plugin

CVE-2022-1688 · LOW Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections

Learn more about our Wordpress Pen Testing.