3 matches found
CVE-2022-4059 Cryptocurrency Widgets Pack < 2.0 - Unauthenticated SQLi
The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2022-4059 Cryptocurrency Widgets Pack < 2.0 - Unauthenticated SQLi
The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2022-4059
CVE-2022-4059 affects the Cryptocurrency Widgets Pack WordPress plugin prior to 2.0. The root cause is failure to sanitize/escape certain parameters before using them in a SQL statement via an AJAX action accessible to unauthenticated users, enabling a SQL injection. The Nuclei templates specify ...