10 matches found
CVE-2022-1684
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
WordPress Cube Slider plugin SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. The WordPress Cube Slider plugin 1.2 and earlier versions are vulnerable to SQL injection, which...
CVE-2022-1684
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
CVE-2022-1684
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
CVE-2022-1684
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
Sql injection
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
WordPress plugin Cube Slider SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. The WordPress Cube Slider plugin 1.2 and earlier versions are vulnerable to SQL injection, which...
CVE-2022-1684
The CVE-2022-1684 entry concerns the WordPress Cube Slider plugin (versions ≤ 1.2). The root cause is failure to sanitize and escape the idslider parameter before use in SQL queries, enabling SQL injection. The vulnerability is described as exploitable by high-privilege users (e.g., admin); Patch...
CVE-2022-1684 Cube Slider <= 1.2 - Admin+ SQLi
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
WordPress CUBE SLIDER plugin <= 1.2 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability was discovered by Daniel Krohmer Fraunhofer IESE, Germany and Shi Chen University of Kaiserslautern, Germany in the WordPress CUBE SLIDER plugin versions = 1.2. Solution Deactivate and delete. This plugin has been closed as of May 3, 2022 and is not...