Vulnerabilities and security researches forwp-smart-contracts wp-smart-contracts

Jun 07, 2024

CVE, Research URL: CVE-2022-3768
Home page URL: Security reports for WPSmartContracts
Application: WPSmartContracts
Date: Nov 28, 2022
Research Description: The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author
Affected versions: Min -, max -.
Status: vulnerable

Apr 14, 2025

CVE, Research URL: CVE-2025-31565
Home page URL: Security reports for WPSmartContracts
Application: WPSmartContracts
Date: Apr 11, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPSmartContracts WPSmartContracts allows Blind SQL Injection. This issue affects WPSmartContracts: from n/a through 2.0.10.
Affected versions: Min -, max -.
Status: vulnerable