2 matches found
CVE-2022-0949
Summary: CVE-2022-0949 affects the WordPress Stop Bad Bots plugin (versions before 6.930). The vulnerability arises from improper sanitisation/escaping of the fingerprint parameter in the stopbadbots_grava_fingerprint AJAX action, which is accessible to unauthenticated users. This leads to a SQL injection...
CVE-2021-25070
The vulnerability CVE-2021-25070 affects the WordPress Block Bad Bots plugin (versions before 6.88). The issue arises because the plugin does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, enabling SQL injection. Impact per sources is high/criti...