CVE-2022-1687

CVE-2022-1687: Logo Slider <= 1.4.8 - Admin+ SQLi

Vendor Unknown
Product Logo Slider
Weakness CWE-89 · SQLi
Published June 6, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id parameter before using it in a SQL statement via the Manage Slider Images admin page, leading to an SQL Injection

Key dates

02Disclosure timeline

June 6, 2022 CVE published
August 3, 2024 Record updated