3 matches found
CVE-2022-4546
The Mapwiz WordPress plugin through 1.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2022-4546
Mapwiz WordPress plugin (<= 1.0.1) is affected by a SQL injection due to improper sanitisation/escaping of input before SQL construction. Exploitation is described as possible by high-privilege users (e.g., admin) and is supported by multiple sources (NVD/Red Hat/CVE listing) noting an Admin+ ...
WordPress Mapwiz Plugin <= 1.0.1 is vulnerable to SQL Injection
Software Mapwiz Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-4546 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 5aebce0acd8a Credits Daniel Krohmer Required privilege Administrator Published 19...