CVE-2022-0254

The WordPress Zero Spam WordPress plugin before 5.2.11 does not properly sanitise and escape the order and orderby parameters before using them in a SQL statement in the admin dashboard, leading to a SQL injection
Configurations

Configuration 1

cpe:2.3:a:highfivery:zero-spam:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-03-14 03:15

Updated : 2022-03-21 07:28


NVD link : CVE-2022-0254

Mitre link : CVE-2022-0254

Products Affected
No products.
CWE