WEB Invoice

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-02	CVE-2022-4372	Unspecified vulnerability in web Invoice Project web Invoice The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. network low complexity web-invoice-project	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.