3 matches found
CVE-2022-1684
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...
CVE-2022-1684
The CVE-2022-1684 entry concerns the WordPress Cube Slider plugin (versions ≤ 1.2). The root cause is failure to sanitize and escape the idslider parameter before use in SQL queries, enabling SQL injection. The vulnerability is described as exploitable by high-privilege users (e.g., admin); Patch...
CVE-2022-1684 Cube Slider <= 1.2 - Admin+ SQLi
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL Injections exploitable by high privileged users such as admin...