2 matches found
CVE-2022-2460
The CVE-2022-2460 entry concerns the WPDating WordPress plugin (versions prior to 7.4.0). Affected component: the plugin’s SQL queries where user input is not properly escaped before concatenation, enabling multiple SQL injection vulnerabilities. Exploitation is possible by unauthenticated users....
CVE-2022-2460 WPDating < 7.4.0 - Multiple Unauthenticated SQLi
The WPDating WordPress plugin before 7.4.0 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities exploitable by unauthenticated users...