CVE-2022-30998 – WordPress Homepage Product Organizer for WooCommerce plugin <= 1.1 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities

https://notcve.org/view.php?id=CVE-2022-30998

19 Jul 2022 — Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. Múltiples vulnerabilidades de Inyección SQL (SQLi) Autenticadas (rol de suscriptor o usuario superior) en el plugin Homepage Product Organizer for WooCommerce de WooPlugins.co versiones anteriores a 1.1 incluyéndola, en WordPress The Homepage Product Organizer for WooCommerce plugin for WordPress is vulnerable to SQL Injection ... • https://patchstack.com/database/vulnerability/homepage-product-organizer-for-woocommerce/wordpress-homepage-product-organizer-for-woocommerce-plugin-1-1-multiple-authenticated-sql-injection-sqli-vulnerabilities • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •