CVE-2022-0771

Name of the Vulnerable Software and Affected Versions SiteSuperCharger WordPress plugin versions prior to 5.2.0

Description The issue concerns the lack of validation, sanitization, and escaping of various user inputs before using them in SQL statements via AJAX actions. This affects both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections.

Recommendations For versions prior to 5.2.0, update to version 5.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to AJAX actions to minimize the risk of exploitation. Avoid using user inputs in SQL statements until the issue is resolved.