CVE-2022-2958 – The BadgeOS WordPress plugin before 3.7.1.3 does not sanitise and escape parameters before …

19 September 2022

Vuln ID: CVE-2022-2958

Published: 2022-09-19 14:15:11Z

Description: The BadgeOS WordPress plugin before 3.7.1.3 does not sanitise and escape parameters before using them in SQL statements via AJAX actions available to any authenticated users, leading to SQL Injections

Source: NVD.NIST.GOV

Date:

19 September 2022

Categorie(s):

NVD

Tag(s):

NVD

In memoriam: Steven Young, respected CISO and former Cybersecurity Collaborative VP19 April 2024
The Biggest Deepfake Porn Website Is Now Blocked in the UK19 April 2024
The MSSP perspective: CISO insights into stronger security19 April 2024
66% of IT leaders doubt the government can defend against cyberwarfare19 April 2024
FBI chief says Chinese hackers have infiltrated critical US infrastructure19 April 2024