3 matches found
CVE-2022-1691
The Realty Workstation WordPress plugin before 1.0.15 does not sanitise and escape the transedit parameter before using it in a SQL statement when an agent edit a transaction, leading to an SQL injection...
CVE-2022-1691
The Realty Workstation WordPress plugin before 1.0.15 does not sanitise and escape the transedit parameter before using it in a SQL statement when an agent edit a transaction, leading to an SQL injection...
CVE-2022-1691
Summary: CVE-2022-1691 affects the Realty Workstation WordPress plugin prior to 1.0.15, where the trans_edit parameter is not sanitized/escaped in a SQL statement during transaction edits, enabling SQL injection. Multiple sources (RH, CNVD, CVE listings, PT- Security, PatchStack) confirm the issu...