← Back to CVE List
CVE-2022-1688
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt