CVE-2022-0349

The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nxid parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection...

WordPress plugin NotificationX SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress NotificationX Plugin versions prior to 2.3.9. The...