Unrated severityNVD Advisory· Published Oct 25, 2022· Updated May 7, 2025

Blog2Social < 6.9.10 - Subscriber+ SQLi

CVE-2022-3246

Description

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers

Affected products

Unknown/Blog2social: Social Media Auto Post & Schedulerv5
Range: 6.9.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wpscan.com/vulnerability/ece049b2-9a21-463d-9e8b-b4ce61919f0cmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000