2 matches found
CVE-2022-2559
The Fluent Support WordPress plugin before 1.5.8 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection vulnerability exploitable by high privilege users...
NPM url-parse 安全漏洞
Url-Parse is a small Url parser that works seamlessly across Node.js and browser environments.An authorization bypass vulnerability exists in versions of NPM url-parse prior to 1.5.8, which can be exploited by attackers to bypass authorization via a user-controlled key...