Lucene search
Daniel Krohmer (Fraunhofer IESE, Germany) and Shi Chen (University of Kaiserslautern, Germany)PATCHSTACK:16005C1DF10BA0D7C987A6A0ED26DDDDHistoryMay 12, 2022 - 12:00 a.m.
WordPress CUBE SLIDER plugin <= 1.2 - Authenticated SQL Injection (SQLi) vulnerability
2022-05-1200:00:00
Daniel Krohmer (Fraunhofer IESE, Germany) and Shi Chen (University of Kaiserslautern, Germany)
patchstack.com
11
0.001 Low
EPSS
Percentile
21.9%
Authenticated SQL Injection (SQLi) vulnerability was discovered by Daniel Krohmer (Fraunhofer IESE, Germany) and Shi Chen (University of Kaiserslautern, Germany) in the WordPress CUBE SLIDER plugin (versions <= 1.2).
Solution
Deactivate and delete. This plugin has been closed as of May 3, 2022 and is not available for download. This closure is temporary, pending a full review.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cube slider | le | 1.2 |
Related
cnvd
cnvd
WordPress Cube Slider plugin SQL注入漏洞
2022-06-13 00:00:00
prion
prion
Sql injection
2022-06-08 10:15:00
cve
cve
CVE-2022-1684
2022-06-08 10:15:10
cvelist
cvelist
CVE-2022-1684 Cube Slider <= 1.2 - Admin+ SQLi
2022-06-06 08:51:17
nvd
nvd
CVE-2022-1684
2022-06-08 10:15:10