2 matches found
CVE-2022-0267
The CVE-2022-0267 affects the WordPress AdRotate plugin prior to version 5.8.22. The vulnerability arises because adrotate_action is not sanitised/escaped before being used in a SQL statement in adrotate_request_action, an admin-accessible function, enabling SQL injection. RedHat confirms the sam...
CVE-2022-0267 AdRotate < 5.8.22 - Admin+ SQL Injection
The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotateaction before using it in a SQL statement via the adrotaterequestaction function available to admins, leading to a SQL injection...