4 matches found
CVE-2022-3300
The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-3300 Form Maker by 10Web < 1.15.6 - Admin+ SQLI
The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-3300 Form Maker by 10Web < 1.15.6 - Admin+ SQLI
The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-3300
CVE-2022-3300 affects the WordPress plugin “Form Maker by 10Web” prior to version 1.15.6. The root cause is improper sanitization/escaping of a parameter before it is used in a SQL statement, resulting in a SQL injection. Impact is described as exploitable by high-privilege users such as admins, ...