5 matches found
CVE-2022-3849
creationtimestamp| type| source ---|---|--- 2022-11-28 16:28:10+00:00| seen| https://t.me/cibsecurity/53572 2025-04-28 18:10:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13713...
CVE-2022-3849
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...
CVE-2022-3849
The CVE-2022-3849 entry pertains to the WP User Merger WordPress plugin (versions before 1.5.3). The vulnerability is a SQL injection caused by improper sanitisation/escaping of a parameter before it is used in a SQL statement, exploitable by users with a role as low as admin. Affected item: WP U...
CVE-2022-3849 WP User Merger < 1.5.3 - Admin+ SQLi via user_id
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...
CVE-2022-3849 WP User Merger < 1.5.3 - Admin+ SQLi via user_id
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...