Form Maker by 10Web < 1.15.6 - Admin+ SQLI
CVE-2022-3300
7.2HIGH
What is CVE-2022-3300?
The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Affected Version(s)
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder 1.15.6