🕳️ Vulnerabilities & CVEs

CVE-2022-46860: SQL Injection Lets Hackers Hijack WordPress Short URLs

Over 43% of the web runs WordPress, and CVE-2022-46860 just handed hackers a loaded gun. A simple SQL injection in the Short URL plugin could let anyone steal your data.

theAIcatchup Apr 08, 2026 3 min read
Warning alert for CVE-2022-46860 SQL injection vulnerability in WordPress Short URL plugin

⚡ Key Takeaways

  • CVE-2022-46860 enables unauthenticated SQL injection in KaizenCoders Short URL, risking full database compromise. 𝕏
  • 43,000+ installs make this a widespread threat; no patch available yet. 𝕏
  • Deactivate now—history shows unpatched WordPress plugin flaws lead to mass exploits. 𝕏
Published by

theAIcatchup

Threat intelligence. Zero noise.

#CVE-2022-46860 #KaizenCoders Short URL #SQL injection #WordPress plugin

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by NVD Vulnerabilities

Related Stories

📬

Stay in the loop

The week's most important stories from theAIcatchup, delivered once a week.

No spam. Unsubscribe any time.