CVE-2022-1688 Information

Description

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard leading to SQL Injections

Reference

https://wpscan.com/vulnerability/63d4444b-9b04-47f5-a692-c6c6c8ea7d92 https://bulletin.iese.de/post/note-press_0-1-10_1