CVE-2022-1472

CVE-2022-1472: Better Find and Replace < 1.3.6 - Admin+ SQLi

Vendor Unknown

Product Better Find and Replace

Weakness CWE-89 · SQLi

Published June 20, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection

Key dates

02Disclosure timeline

June 20, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-1472 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2024-12144 SQLi in Finder Fire Safety's Finder ERP/CRM (Old System) CVE-2025-8960 Campcodes Online Flight Booking Management System save_airlines.php sql injection CVE-2025-3206 code-projects Hospital Management System doctor-specilization.php sql injection CVE-2025-5716 SourceCodester Open Source Clinic Management System login.php sql injection CVE-2025-25206 Incorrect input validation could allow an authenticated user to read sensitive information