CVE-2022-2559

CVE-2022-2559: Fluent Support < 1.5.8 - Admin+ SQLi

Vendor Unknown

Product Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin

Weakness CWE-89 · SQLi

Published August 29, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Fluent Support WordPress plugin before 1.5.8 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection vulnerability exploitable by high privilege users

Key dates

02Disclosure timeline

August 29, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-2559

Related vulnerabilities

04Related CVE

CVE-2025-11062 Campcodes Online Learning Management System save_student.php sql injection CVE-2025-31089 WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability CVE-2023-5431 Left right image slideshow gallery <= 12.0 - Authenticated (Subscriber+) SQL Injection via Shortcode CVE-2020-36541 Demokratian genera_select.php sql injection CVE-2025-10048 My Auctions Allegro Plugin <= 3.6.31 - Authenticated (Admin+) SQL Injection