CVE-2022-2840 – The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape vari …

19 September 2022

Vuln ID: CVE-2022-2840

Published: 2022-09-19 14:15:11Z

Description: The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections

Source: NVD.NIST.GOV

Date:

19 September 2022

Categorie(s):

NVD

Tag(s):

NVD

5 free red teaming resources to get you started16 April 2024
Audio deepfakes: What they are, and the risks they present16 April 2024
31% of women in tech consider switching roles over the next year16 April 2024
IntelBroker Claims Space-Eyes Breach, Targeting US National Security Data16 April 2024
CISA in a flap as Chirp smart door locks can be trivially unlocked remotely15 April 2024