Vulnerabilities > Ljapps > WP Review Slider > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-13 CVE-2023-0260 Unspecified vulnerability in Ljapps WP Review Slider
The WP Review Slider WordPress plugin before 12.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
network
low complexity
ljapps
8.8
2022-02-28 CVE-2022-0383 Unspecified vulnerability in Ljapps WP Review Slider
The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks
network
low complexity
ljapps
7.2