#wordpress-plugin

CVE-2022-46860: SQL Injection Lets Hackers Hijack WordPress Short URLs

Over 43% of the web runs WordPress, and CVE-2022-46860 just handed hackers a loaded gun. A simple SQL injection in the Short URL plugin could let anyone steal your data.

CVE-2022-46818: SQL Injection Lets Attackers Raid WordPress Subscriber Lists

A sneaky SQL injection in the Email Posts to Subscribers plugin could hand attackers your full subscriber database. CVE-2022-46818 isn't new, but unpatched sites are sitting ducks.

CVE-2022-46849: The SQL Injection Lurking in Your WordPress 'Coming Soon' Page

Picture this: your site's in 'coming soon' mode, looking all sleek and professional, while hackers siphon your database dry. That's CVE-2022-46849 in action, folks—a classic SQL injection slip-up in a WordPress plugin nobody thinks twice about.