What the vulnerability does
01Description
Unauth. SQL Injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress.
CVE-2022-44588
CRITICAL
CVE-2022-44588: WordPress Cryptocurrency Widgets Pack Plugin <=1.8.1 is vulnerable to SQL Injection
CVSS base score
9.9/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
Key dates
02Disclosure timeline
December 15, 2022
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-2197 code-projects Online Reviewer System exam-delete.php sql injection
CVE-2020-36999 elaniin CMS 1.0 - Authentication Bypass
CVE-2023-49677 Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CVE-2025-13370 ProjectList <= 0.3.0 - Authenticated (Editor+) SQL Injection via 'id' Parameter
CVE-2018-25185 Wecodex Restaurant CMS 1.0 SQL Injection via Login
