High CVSS: HIGH CVE-2022-4290 vulnerability

CVE-2022-4290: The Cyr to Lat plugin for WordPress is vulnerable to authenticated SQL Injection

Tracked since May 6, 2026 View on NVD
cve CVE-2022-4290 cvss-8

CVSS Breakdown

8.8
CVSS Base Score
HIGH
Attack Vector
N/A
Requires physical access to exploit.
CIA Impact
Confidentiality N/A
Integrity N/A
Availability N/A

Insurance Impact Assessment

🛡️
Significant Impact

High-severity vulnerabilities may affect cyber insurance pricing and coverage terms. Demonstrating patch management reduces underwriting friction.

CVE CVE-2022-4290 with CVSS 8.8. The Cyr to Lat plugin for WordPress is vulnerable to authenticated SQL Injection via the 'ctl_sanitize_title' function in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This potentially allo

View on NVD

Assess your exposure

Is your organization vulnerable? Run a free domain exposure scan to check.

Scan Your Domain → Broker Scorecard

Related Threats

CVE-2026-40281
CVSS 10 critical
CVE-2023-34992: A improper neutralization of special elements used in an os command ('os command
CVSS 10 critical
CVE-2023-34976: A SQL injection vulnerability has been reported to affect Video Station. If expl
CVSS 10 critical
CVE-2023-25960: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVSS 10 critical
CVE-2023-4994: The Allow PHP in Posts and Pages plugin for WordPress is vulnerable to Remote Co
CVSS 9.9 critical
← Back to Threat Feed