Critical severity9.8NVD Advisory· Published Apr 25, 2022· Updated Jun 17, 2026
CVE-2022-0769
CVE-2022-0769
Description
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL Injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=3.1.0+ 1 more
- (no CPE)range: <=3.1.0
- (no CPE)range: <=3.1.0
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/05eab45d-ebe9-440f-b9c3-73ec40ef1141nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.