2 matches found
CVE-2022-3494
CVE-2022-3494 affects the Complianz WordPress plugin (pre-6.3.4) and the Complianz Premium plugin (pre-6.3.6), allowing SQL injection via unsanitized translations. Attacks can occur through infected translation files or by translator-role users using plugins like Loco Translate or WPML. Impact pe...
CVE-2022-3494 Complianz (Free < 6.3.4, Premium < 6.3.6) - Translator SQLi
The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugin...