Vulnerabilities > Dwbooster > CP Image Store With Slideshow > 1.0.58
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-08 | CVE-2022-1692 | SQL Injection vulnerability in Dwbooster CP Image Store With Slideshow The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the ordering_by query parameter before using it in a SQL statement in pages where the [codepeople-image-store] is embed, allowing unauthenticated users to perform an SQL injection attack | 7.5 |