Unrated severityNVD Advisory· Published Nov 28, 2022· Updated Apr 25, 2025
WPSmartContracts < 1.3.12 - Author+ SQLi
CVE-2022-3768
Description
The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WPSmartContractsdescription
- Range: <1.3.12
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3mitreexploitvdb-entrytechnical-description
- bulletin.iese.de/post/wp-smart-contracts_1-3-11/mitre
News mentions
0No linked articles in our index yet.