2 matches found
CVE-2022-1472
The CVE-2022-1472 entry concerns the WordPress plugin Better Find and Replace (pre-1.3.6). The vulnerability is an SQL injection caused by insufficient sanitization/validation/escaping of parameters before they are used in SQL statements. Affects versions
CVE-2021-24676
CVE-2021-24676 affects the WordPress plugin Better Find and Replace up to version 1.2.8 (vulnerability exists before 1.2.9). The flaw is a Reflected Cross-Site Scripting (XSS) where the GET parameter 's' is not properly escaped before being echoed on the All Masking Rules page. Root cause: inadeq...