exploitDog

GHSA-5qj4-c6xg-8vx4

Опубликовано: 12 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly escape some imported data, which could allow SQL injection attacks to be performed by imported a malicious podcast file

The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly escape some imported data, which could allow SQL injection attacks to be performed by imported a malicious podcast file

Ссылки

EPSS

Процентиль: 68%

0.00567

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2022-1023

CVSS3: 7.2

nvd

почти 4 года назад

The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly escape some imported data, which could allow SQL injection attacks to be performed by imported a malicious podcast file

EPSS

Процентиль: 68%

0.00567

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89