3 matches found
CVE-2022-4445
CVE-2022-4445 affects the FL3R FeelBox WordPress plugin up to version 8.1. The vulnerability is an unauthenticated SQL injection caused by improper sanitisation/escaping of input in an AJAX action, enabling an attacker to manipulate SQL queries via unauthenticated requests. Public documentation l...
CVE-2022-4445 FL3R FeelBox <= 8.1 - Unauthenticated SQLi
The FL3R FeelBox WordPress plugin through 8.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
WordPress FL3R FeelBox Plugin <= 8.1 is vulnerable to SQL Injection
Software FL3R FeelBox Type Plugin Vulnerable versions = 8.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-4445 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 949edd8b1308 Credits cydave Required privilege Unauthenticated Published 20...