CNVD-2022-56243 (China National Vulnerability Database)
Jul 13, 2022 - 12:00 a.m.

WordPress Pricing Deals for WooCommerce plugin SQL injection vulnerability

www.cnvd.org.cn
wordpress
woocommerce
sql injection
ajax
unauthenticated users

EPSS: 0.04 (percentile: 92.2%)

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; a WordPress plugin is an application plugin for it. WordPress Pricing Deals for WooCommerce plugin versions 2.0.2.02 and earlier are vulnerable to SQL injection: AJAX actions available to unauthenticated users do not properly sanitize and escape parameters before using them in SQL statements. An attacker could exploit this vulnerability to perform SQL injection without authentication.
