Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-1692

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the ordering_by query parameter before using it in a SQL statement in pages where the [codepeople-image-store] is embed, allowing unauthenticated users to perform an SQL injection attack
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2022-1692


Contact Us

Shodan ® - All rights reserved