CVE-2022-0747
The Infographic Maker plugin for WordPress (iList) up to version 4.3.7 is vulnerable to unauthenticated SQL Injection via the qcld_upvote_action AJAX path. The root cause is failure to validate and escape the post_id parameter before it is used in an SQL statement, enabling unauthenticated users ...