CVE

CVE-2022-4357

admin

CVE-2022-4357

The LetsRecover WordPress plugin through 1.1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

Source: CVE-2022-4357

Exit mobile version