CVE-2022-0267

The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection
References
Configurations

Configuration 1

cpe:2.3:a:adrotate_project:adrotate:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-03-07 09:15

Updated : 2022-03-11 08:36


NVD link : CVE-2022-0267

Mitre link : CVE-2022-0267

Products Affected
No products.
CWE