AWP Classifieds <= 4.2.1 - Unauthenticated SQL Injection
WordPress Classifieds Plugin before 4.3 contains a SQL injection caused by improper sanitization and escaping of parameters in an AJAX action, letting unauthenticated attackers execute arbitrary SQL commands, exploit requires the premium module to be active. id: CVE-2022-3254 info: name: AWP...