CVE-2022-3494 Information

Description

The Complianz WordPress plugin before 6.3.4 and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file or by a user with a translator role through translation plugins such as Loco Translate or WPML.

Reference

https://wpscan.com/vulnerability/71db75c0-5907-4237-884f-8db88b1a9b34