3 matches found
CVE-2022-4351
The Qe SEO Handyman WordPress plugin through 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-4351 Qe SEO Handyman <= 1.0 - Admin+ SQLi
The Qe SEO Handyman WordPress plugin through 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-4351
The CVE-2022-4351 entry concerns the Qe SEO Handyman WordPress plugin (versions 1.0 and earlier). The issue is a SQL injection caused by insufficient sanitization/escaping of a parameter before it is used in a SQL statement, enabling exploitation by high-privilege users (e.g., admin). Documents d...