cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-1690,https://securityvulnerability.io/vulnerability/CVE-2022-1690,Note Press <= 0.1.10 - Admin+ SQLi via Bulk Actions,"The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection",Wordpress,Note Press,2.7,LOW,0.000590000010561198,false,,false,false,false,,false,false,2022-06-08T10:15:00.000Z,0
CVE-2022-1689,https://securityvulnerability.io/vulnerability/CVE-2022-1689,Note Press <= 0.1.10 - Admin+ SQLi via Update,"The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection",Wordpress,Note Press,2.7,LOW,0.000590000010561198,false,,false,false,false,,false,false,2022-06-08T10:15:00.000Z,0
CVE-2022-1688,https://securityvulnerability.io/vulnerability/CVE-2022-1688,Note Press <= 0.1.10 - Admin+ SQLi via id,"The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections",Wordpress,Note Press,2.7,LOW,0.000590000010561198,false,,false,false,false,,false,false,2022-06-06T08:51:23.000Z,0
CVE-2017-18548,https://securityvulnerability.io/vulnerability/CVE-2017-18548,,The note-press plugin before 0.1.2 for WordPress has SQL injection.,Wordpress,Note Press,9.8,CRITICAL,0.0013800000306218863,false,,false,false,false,,false,false,2019-08-16T13:42:38.000Z,0