5 matches found
CVE-2022-3494
The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugin...
CVE-2022-3494
The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugin...
CVE-2022-3494
The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugin...
Complianz (Free < 6.3.4, Premium < 6.3.6) - Translator SQLi
The plugins allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugins such as Loco Translate or WPML. 1. Install Complianz and set the following options ...
WordPress 代码注入漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The WordPress plugin is a WordPress open source application plugin. can be renamed to a PHP-terminated extension, allowing an authenticated "translator" user to inject PHP code into a PHP-terminated...