Lucene search
China National Vulnerability DatabaseCNVD-2022-64665HistoryJun 13, 2022 - 12:00 a.m.
WordPress Note Press plugin SQL injection vulnerability (CNVD-2022-64665)
2022-06-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
0.001 Low
EPSS
Percentile
22.0%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. FormCraft is one of the form creation plugins used in it. WordPress plugin is an application plugin. WordPress Note Press plugin 0.1.10 and earlier versions are vulnerable to a SQL injection vulnerability that stems from the plugin The update parameters used when updating notes via the admin dashboard are not filtered and escaped. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress note press plugin | le | 0.1.10 |
Related
wpvulndb
wpvulndb
Note Press <= 0.1.10 - Admin+ SQLi via Update
2022-05-09 00:00:00
cve
cve
CVE-2022-1689
2022-06-08 10:15:10
prion
prion
Sql injection
2022-06-08 10:15:00
nvd
nvd
CVE-2022-1689
2022-06-08 10:15:10
wpexploit
wpexploit
Note Press <= 0.1.10 - Admin+ SQLi via Update
2022-05-09 00:00:00
cvelist
cvelist
CVE-2022-1689 Note Press <= 0.1.10 - Admin+ SQLi via Update
2022-06-06 08:51:24
patchstack
patchstack