Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3

Critical0

High0

Medium0

Search Severity Year Type Sort Order

Reset

Showing 1-3 of 3 records

Threat Entry Updated 2024-11-21

CVE-2022-1690 - Note Press Plugin

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection

PLUGIN Note Press

CVE-2022-1690

LOW CVSS 2.7 2022-06-08

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-1689 - Note Press Plugin

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection

PLUGIN Note Press

CVE-2022-1689

LOW CVSS 2.7 2022-06-08

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-1688 - Note Press Plugin

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections

PLUGIN Note Press

CVE-2022-1688

LOW CVSS 2.7 2022-06-08

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2022-1690 - Note Press Plugin

CVE-2022-1689 - Note Press Plugin

CVE-2022-1688 - Note Press Plugin

Company Links

Contact Us