CYBERHAWK / CVE / CVE-2017-20246

CVE-2017-20246

HIGH CVSS 8.2 other

The flaw

KittyCatfish 2.2 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to read database contents by exploiting an unescaped GET parameter. Attackers can inject SQL code through the 'kc_ad' parame

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2017-20246

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits