Description
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Best WordPress FAQ Cross-Site Scripting (1.4.8)
WordPress Plugin Konnichiwa! Membership Cross-Site Scripting (0.8.3)
phpMyFAQ Weak Password Requirements Vulnerability (CVE-2022-3754)
WordPress 6.2.x Multiple Vulnerabilities (6.2 - 6.2.5)
WordPress Plugin Themify-WooCommerce Product Filter SQL Injection (1.4.9)