Critical severity9.8NVD Advisory· Published Apr 18, 2022· Updated Jun 17, 2026
CVE-2022-0785
CVE-2022-0785
Description
The Daily Prayer Time WordPress plugin before 2022.03.01 does not sanitise and escape the month parameter before using it in a SQL statement via the get_monthly_timetable AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Daily Prayer Time plugindescription
- Range: <2022.03.01
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.