Vulnerabilities > CVE-2022-1687 - Unspecified vulnerability in Logo Slider Project Logo Slider
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id parameter before using it in a SQL statement via the Manage Slider Images admin page, leading to an SQL Injection