Headline
CVE-2022-45355: WordPress WP Pipes plugin <= 1.33 - Auth. SQL Injection (SQLi) vulnerability - Patchstack
Auth. (admin+) SQL Injection (SQLi) vulnerability in ThimPress WP Pipes plugin <= 1.33 versions.
Solution
Update the WordPress WP Pipes plugin to the latest available version (at least 1.4.0).
Mika discovered and reported this SQL Injection vulnerability in WordPress WP Pipes Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information. This vulnerability has been fixed in version 1.4.0.
No other known vulnerabilities for this pluginReport
Report to Patchstack Alliance bounty platform and earn monthly cash prizes.
Learn more