Description A limited SQL injection risk was identified in the "browse list of users" site administration page. Remediation References CVE-2022-40315 Related Vulnerabilities WordPress 3.9.x PHP Object Injection (3.9 - 3.9.33) Plone CMS Weak Password Requirements Vulnerability (CVE-2020-7940) WordPress Plugin Automatic Online Backup 'url' Parameter Cross-Site Scripting (0.8.2) WordPress Plugin Gutenberg Blocks by WordPress Download Manager Cross-Site Scripting (2.1.8) MySQL CVE-2024-21241 Vulnerability (CVE-2024-21241) Severity Critical Classification CVE-2022-40315 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities