Approved changes feed: RSS · Atom

cpe:2.3:a:dwbooster:cp_image_store_with_slideshow:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorDwbooster (68f45f7b-4028-5f7d-8f51-d831b376be86)
ProductCp Image Store With Slideshow (3fb71553-75a8-50de-915d-33819ed538a3)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-1692 vulnerable 2026-06-08 05:39:13.715802 CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi
The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the ordering_by query parameter before using it in a SQL statement in pages where the [codepeople-image-store] is embed, allowing unauthenticated users to perform an SQL injection attack
Published: 2022-06-06T08:51:29.000Z
Updated: 2024-08-03T00:10:03.848Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.