WP Custom Cursors | WordPress Cursor Plugin, CVE-2022-3150

CVE, Research URL: CVE-2022-3150
Home page URL: Security reports for WP Custom Cursors | WordPress Cursor Plugin
Application: WP Custom Cursors | WordPress Cursor Plugin
Published on: Oct 17, 2022
Research Description: The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin
Affected versions: Min -, max 3.2.
Status: vulnerable