exploitDog

GHSA-4qw3-m7w5-cr2v

Опубликовано: 29 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue

The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue

Ссылки

EPSS

Процентиль: 67%

0.00546

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-25070

CVSS3: 9.8

nvd

почти 4 года назад

The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue

EPSS

Процентиль: 67%

0.00546

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89