PHP - CVE CyberSecurity Database News (Page 212)

Nov 7, 2022 Exploit SQL PHP

CVE-2022-43352 - How Hackers Exploit SQL Injection in Sanitization Management System v1.

In October 2022, cybersecurity researchers discovered a critical vulnerability in the open-source Sanitization Management System v1.. This bug, tracked as CVE-2022-43352, allows bad actors to

CVE-2022-3418 - Import any XML or CSV File to WordPress Plugin File Upload Vulnerability Explained

Nov 7, 2022 WordPress Exploit PHP Import any XML or CSV File to WordPress

CVE-2022-3418 - Import any XML or CSV File to WordPress Plugin File Upload Vulnerability Explained

Date Discovered: 2022 Plugin Affected: Import any XML or CSV File to WordPress (before v3.6.9) CVE: CVE-2022-3418 Severity: High (when used in multisite

Nov 7, 2022 Windows WordPress PHP Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms

CVE-2022-3463 - How Contact Form Plugin’s CSV Export Can Inject Danger into Your Business

The popular Contact Form Plugin for WordPress helps thousands of websites collect user data safely—or so you’d hope. But before version 4.3.

Nov 7, 2022 CSRF WordPress Exploit PHP Product Stock Manager

CVE-2022-3451 - How an Authorization Flaw in Product Stock Manager WordPress Plugin Let Any User Edit Critical Options

WordPress powers millions of websites—but with popularity comes risk. A recent vulnerability, CVE-2022-3451, was uncovered in the Product Stock Manager plugin, which should send

Nov 7, 2022 WordPress API SQL PHP WooCommerce Dropshipping

CVE-2022-3481 - Unauthenticated SQL Injection in WooCommerce Dropshipping Plugin (WordPress, < 4.4)

The world of WordPress plugins is vast, but sometimes even popular plugins contain severe security flaws. One such flaw—CVE-2022-3481—was discovered in the WooCommerce