CVE-2022-4681
The CVE-2022-4681 entry concerns the WordPress plugin Hide My WP (versions before 6.2.9). A parameter is not properly sanitized/escaped before being used in an SQL statement via an unauthenticated AJAX action, enabling a SQL injection. Impact is high (CVE scores show CRITICAL, AV:N/AC:L/PR:N/UI:N...