Vulnerabilities > CYR TO LAT Project

DATE CVE VULNERABILITY TITLE RISK
2023-10-20 CVE-2022-4290 SQL Injection vulnerability in CYR to LAT Project CYR to LAT
The Cyr to Lat plugin for WordPress is vulnerable to authenticated SQL Injection via the 'ctl_sanitize_title' function in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
cyr-to-lat-project CWE-89
8.8