Lucene search
HistoryOct 25, 2022 - 5:15 p.m.
CVE-2022-3246
blog2social
wordpress plugin
sql injection
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.7%
The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers
Affected configurations
Node
adenionblog2socialRange<6.9.10wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adenion | blog2social | * | cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:* |
Related
prion
prion
Sql injection
2022-10-25 17:15:00
wpexploit
wpexploit
Blog2Social < 6.9.10 - Subscriber+ SQLi
2022-10-03 00:00:00
patchstack
patchstack
cvelist
cvelist
CVE-2022-3246 Blog2Social < 6.9.10 - Subscriber+ SQLi
2022-10-25 00:00:00
wpvulndb
wpvulndb
Blog2Social < 6.9.10 - Subscriber+ SQLi
2022-10-03 00:00:00
cve
cve
CVE-2022-3246
2022-10-25 17:15:56
openvas
openvas
WordPress Blog2Social Plugin < 6.9.10 Multiple Vulnerabilities
2023-01-11 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.7%
Related for NVD:CVE-2022-3246