3 matches found
CVE-2022-4447
creationtimestamp| type| source ---|---|--- 2025-01-26 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-01-26 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-01-31 00:00:00+00:00| seen| The Shadowserver...
CVE-2022-4447 Fontsy <= 1.8.6 - Multiple Unauthenticated SQLi
The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2022-4447
Summary (CVE-2022-4447): The Fontsy WordPress plugin up to version 1.8.6 is vulnerable to an SQL injection via an unauthenticated AJAX action due to improper sanitization/escaping of a parameter. Consequences described across connected sources include potential data leakage, data modification, an...