CVE-2022-1688

Summary

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections

Affected Software

VendorProductVersion RangeStatus
UnknownNote Press0.1.10 <= 0.1.10affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References