CVE-2022-4546
Mapwiz WordPress plugin (<= 1.0.1) is affected by a SQL injection due to improper sanitisation/escaping of input before SQL construction. Exploitation is described as possible by high-privilege users (e.g., admin) and is supported by multiple sources (NVD/Red Hat/CVE listing) noting an Admin+ ...