5 matches found
CVE-2022-3243
The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin...
CVE-2022-3243
The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin...
CVE-2022-3243 Import all XML, CSV & TXT into WordPress < 6.5.8 - Admin+ SQLi
The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin...
CVE-2022-3243 Import all XML, CSV & TXT into WordPress < 6.5.8 - Admin+ SQLi
The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin...
CVE-2022-3243
CVE-2022-3243 affects the WordPress Import all XML, CSV & TXT plugin (versions prior to 6.5.8). The root cause is improper sanitization/escaping of imported data used in SQL statements, enabling SQL injection by high-privilege users (e.g., admins). Exploitation details exist in published entries ...