CVE-2022-0383

CVE-2022-0383: WP Review Slider < 11.0 - Admin+ SQL Injection

Vendor Unknown

Product WP Review Slider

Weakness CWE-89 · SQLi

Published February 28, 2022

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks

Key dates

02Disclosure timeline

February 28, 2022 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-0383 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2025-13273 Campcodes School Fees Payment Management System ajax.php sql injection CVE-2026-32767 SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API CVE-2024-13230 Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.14 - Unauthenticated Limited SQL Injection via 'SuperSocializerKey' CVE-2024-13475 Small Package Quotes – UPS Edition <= 4.5.16 - Unauthenticated SQL Injection CVE-2025-25116 WordPress Link to URL / Post plugin <=1.3 - SQL Injection vulnerability