CVE-2022-2840

Description

The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections

Related CPE's

Could not find any relations

References

https://wpscan.com/vulnerability/13d8be88-c3b7-4d6e-9792-c98b801ba53c

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io