Lucene search
China National Vulnerability DatabaseCNVD-2022-64671HistoryJun 10, 2022 - 12:00 a.m.
WordPress plugin CP Image Store with Slideshow SQL Injection Vulnerability
2022-06-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.002 Low
EPSS
Percentile
59.5%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. The WordPress plugin CP Image Store with Slideshow version 1.0.68 has a SQL injection vulnerability, which is caused by the plugin’s failure to filter and escape the query parameter ordering_by is not filtered and escaped before. An unauthenticated attacker could use this vulnerability to perform SQL injection attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress cp image store with slideshow | lt | 1.0.68 |
Related
wpexploit
wpexploit
CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
2022-05-09 00:00:00
cvelist
cvelist
CVE-2022-1692 CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
2022-06-06 08:51:29
cve
cve
CVE-2022-1692
2022-06-08 10:15:10
wpvulndb
wpvulndb
CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
2022-05-09 00:00:00
prion
prion
Sql injection
2022-06-08 10:15:00
nvd
nvd
CVE-2022-1692
2022-06-08 10:15:10
patchstack
patchstack