![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-32941 – Apple iPhone OS Vulnerability
November 8, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
November 8, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-32941 – Apple iPhone OS Vulnerability
November 8, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
November 8, 2022Severity
High
Analysis Summary
CVE-2022-3254
The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection
Impact
Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-3254
Affected Vendors
WordPress
Affected Products
- AWP Classifieds Plugin for WordPress 4.3
Remediation
Refer to WordPress Plugin Website for patch, upgrade or suggested workaround information.