7 matches found
CVE-2022-0383
The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks...
CVE-2022-27513
creationtimestamp| type| source ---|---|--- 2022-11-08 19:50:16+00:00| seen| https://t.me/cKure/10382 2022-11-09 12:21:41+00:00| seen| https://t.me/truesecator/3678 2024-11-20 14:08:12+00:00| seen| https://twitter.com/i/web/status/1590326328553013248 2025-05-01 20:15:51+00:00| seen|...
CVE-2022-27516
creationtimestamp| type| source ---|---|--- 2022-11-08 19:50:16+00:00| seen| https://t.me/cKure/10382 2022-11-09 12:21:41+00:00| seen| https://t.me/truesecator/3678 2024-11-20 14:08:12+00:00| seen| https://twitter.com/i/web/status/1590326328553013248 2025-05-01 20:15:52+00:00| seen|...
CVE-2022-0383
The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks...
CVE-2022-0383
The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks...
Sql injection
The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks...
WP Review Slider < 11.0 - Admin+ SQL Injection
The plugin does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks Create a Twitter Source, copy it via the 'Copy' button, then change the pid parameter in the URL to 1000 UNION ALL SELECT...