CVE-2022-0773

Summary

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users.

Affected Software

VendorProductVersion RangeStatus
UnknownDocumentor – Create Product Documentation1.5.3 <= 1.5.3affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References