Lucene search
WpvulndbWPVDB-ID:68794BF0-AC44-4160-BD37-14AF2171B44DHistoryDec 02, 2022 - 12:00 a.m.
Advanced Booking Calendar <= 1.7.1 - Unauthenticated SQLi
2022-12-0200:00:00
wpscan.com
10
advanced booking calendar
unauthenticated
sqli
parameter sanitisation
0.001 Low
EPSS
Percentile
50.3%
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users
| CPE | Name | Operator | Version |
|---|---|---|---|
| advanced-booking-calendar | eq | * |
Related
cve
cve
CVE-2022-45822
2022-12-05 11:15:11
prion
prion
Sql injection
2022-12-05 11:15:00
nvd
nvd
CVE-2022-45822
2022-12-05 11:15:11
cvelist
cvelist