cleantalk
Vulnerabilities and Security Researches

WPSmartContracts, CVE-2022-3768

CVE, Research URL

CVE-2022-3768

Home page URL

Security reports for WPSmartContracts

Application

WPSmartContracts

Published on
Nov 28, 2022
Research Description
The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author
Affected versions
Min -, max 1.3.12.
Status
vulnerable
Previous vulnerability researches
WPSmartContracts (CVE-2025-31565) , Apr 14, 2025
WPSmartContracts (CVE-2022-3768) , Jun 07, 2024
New vulnerability
Klarna Checkout for WooCommerce (CVE-2024-13925) , Apr 19, 2025
WordPress Button Plugin MaxButtons (CVE-2025-39444) , Apr 19, 2025
Course Booking System (CVE-2025-32508) , Apr 19, 2025
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Wo (CVE-2025-39588) , Apr 19, 2025
VR-Frases (collect & share quotes) (CVE-2025-0861) , Apr 19, 2025