5 matches found
CVE-2022-1685
The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...
CVE-2022-1685
The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...
CVE-2022-1685
The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...
CVE-2022-1685
The CVE-2022-1685 entry concerns the Five Minute Webshop WordPress plugin (versions up to 1.3.2). The vulnerability is an SQL injection in the admin Manage Products page caused by improper validation/sanitisation of the orderby parameter before it is used in a SQL statement. Several connected sou...
CVE-2022-1685 Five Minute Webshop <= 1.3.2 - Admin+ SQLi via orderby
The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...