Headline
CVE-2022-43462: WordPress IP Blacklist Cloud plugin <= 5.00 - Auth. SQL Injection (SQLi) vulnerability - Patchstack
Auth. SQL Injection (SQLi) vulnerability in Adeel Ahmed’s IP Blacklist Cloud plugin <= 5.00 versions.
Solution
Deactivate and delete. This plugin has been closed as of September 28, 2022 and is not available for download. This closure is temporary, pending a full review.
Mika discovered and reported this SQL Injection vulnerability in WordPress IP Blacklist Cloud Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has not been known to be fixed yet.
2 other known vulnerabilities for this pluginTo plugin page
Report to Patchstack Alliance bounty platform and earn monthly cash prizes.
Learn more