WordPress Personal Dictionary <1.3.4 - Blind SQL Injection

WordPress Personal Dictionary plugin before 1.3.4 contains a blind SQL injection vulnerability. The plugin fails to properly sanitize user-supplied POST data before being interpolated in an SQL statement and executed. An attacker can possibly obtain sensitive information, modify data, and/or...

CVE-2022-1013

The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability...

CVE-2022-1013

The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability...

CVE-2022-1013

The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability...

CVE-2022-1013

The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability...

CVE-2022-1013 Personal Dictionary < 1.3.4 - Unauthenticated SQLi

The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability...

CVE-2022-1013

CVE-2022-1013 concerns the WordPress Personal Dictionary plugin pre-1.3.4, where unsanitized POST data is interpolated into SQL statements, causing a blind SQL injection. The Nucleotide/Nuclei template and related references confirm a vulnerability in the plugin’s handling of user input, enabling...

WordPress plugin Personal Dictionary SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in the WordPre...

Personal Dictionary < 1.3.4 - Unauthenticated SQLi

The plugin fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability. PoC 1. Create a new page with the plugin's shortcode shortcode can be copied from...

WordPress Personal Dictionary plugin <= 1.3.3 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Personal Dictionary plugin versions = 1.3.3. Solution Update the WordPress Personal Dictionary plugin to the latest available version at least 1.3.4...