cleantalk
Vulnerabilities and Security Researches

CP Image Store with Slideshow, CVE-2022-1692

CVE, Research URL

CVE-2022-1692

Home page URL

Security reports for CP Image Store with Slideshow

Application

CP Image Store with Slideshow

Published on
Jun 08, 2022
Research Description
The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the ordering_by query parameter before using it in a SQL statement in pages where the [codepeople-image-store] is embed, allowing unauthenticated users to perform an SQL injection attack
Affected versions
max 1.0.6.
Status
vulnerable
Previous vulnerability researches
CP Image Store with Slideshow (CVE-2022-1692) , Jun 06, 2024
CP Image Store with Slideshow (CVE-2026-0684) , Apr 16, 2026
New vulnerability
WP YouTube Lyte (CVE-2026-3299) , Apr 16, 2026
WordPress Plugin for Google Maps – WP MAPS (CVE-2025-13364) , Apr 16, 2026
WordPress Plugin for Google Maps – WP MAPS (CVE-2026-39492) , Apr 16, 2026
Tutor LMS – eLearning and online course solution (CVE-2026-0548) , Apr 16, 2026
Tutor LMS – eLearning and online course solution (CVE-2026-40740) , Apr 16, 2026