10 matches found
CVE-2022-0771
The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections...
WordPress SiteSuperCharger plugin SQL injection vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. A WordPress plugin is an application plug-in. A SQL injection vulnerability exists in versions of the WordPress SiteSuperCharger plugin prior to...
CVE-2022-0771
The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections...
CVE-2022-0771
The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections...
CVE-2022-0771
The CVE-2022-0771 entry affects the SiteSuperCharger WordPress plugin (versions before 5.2.0). The root cause is failure to validate, sanitize, and escape user inputs in AJAX actions, allowing unauthenticated SQL injection via those endpoints. Impact is described as unauthenticated SQL injections...
CVE-2022-0771 SiteSuperCharger < 5.2.0 - Unauthenticated SQLi
The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections...
WordPress plugin SiteSuperCharger SQL injection vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. A WordPress plugin is an application plug-in. A SQL injection vulnerability exists in versions of the WordPress SiteSuperCharger plugin prior to...
WordPress SiteSuperCharger plugin <= 5.1.10 - Unauthenticated SQL Injection (SQLi) vulnerability
Unauthenticated SQL Injection (SQLi) vulnerability discovered by cydave in WordPress SiteSuperCharger plugin versions <= 5.1.10. Solution: Update the WordPress SiteSuperCharger plugin to the latest available version (at least 5.2.0)...
SiteSuperCharger < 5.2.0 - Unauthenticated SQLi
The plugin does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections. PoC: curl https://example.com/wp-admin/admin-ajax.php --data...
SiteSuperCharger < 5.2.0 - Unauthenticated SQLi
The plugin does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections. curl https://example.com/wp-admin/admin-ajax.php --data...