2 matches found
CVE-2022-4370 Multimedial Images <= 1.0b - Admin+ SQLi
The multimedial images WordPress plugin through 1.0b does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin...
CVE-2022-4370
The CVE-2022-4370 entry concerns the WordPress plugin Multimedial Images, affected in versions up to 1.0b. The root cause is improper sanitization/escaping of a parameter before it is used in a SQL statement, enabling a SQL injection. The vulnerability is exploitable by users with a role as low a...