Lucene search
China National Vulnerability DatabaseCNVD-2022-64663HistoryJun 13, 2022 - 12:00 a.m.
WordPress Logo Slider plugin SQL injection vulnerability
2022-06-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
21.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. The WordPress Logo Slider plugin 1.4.8 and earlier versions are vulnerable to SQL injection, which stems from a vulnerability in the Manage Slider Images administration page where the plugin The lsp_slider_id parameter used in the Manage Slider Images administration page is not filtered and escaped. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress logo slider plugin | le | 1.4.8 |
Related
cve
cve
CVE-2022-1687
2022-06-08 10:15:10
wpvulndb
wpvulndb
Logo Slider <= 1.4.8 - Admin+ SQLi
2022-05-09 00:00:00
wpexploit
wpexploit
Logo Slider <= 1.4.8 - Admin+ SQLi
2022-05-09 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-1687
2022-06-08 10:15:10
cvelist
cvelist
CVE-2022-1687 Logo Slider <= 1.4.8 - Admin+ SQLi
2022-06-06 08:51:22
prion
prion
Sql injection
2022-06-08 10:15:00