2 matches found
CVE-2022-1692
The CVE-2022-1692 issue affects the WordPress plugin CP Image Store with Slideshow prior to 1.0.68. The vulnerability arises from failing to sanitize and escape the ordering_by query parameter before it is used in a SQL statement on pages embedding [codepeople-image-store], enabling unauthenticat...
CVE-2022-1692 CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...