exploitDog

GHSA-g5h6-jgmp-66hj

Опубликовано: 14 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability.

The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability.

Ссылки

EPSS

Процентиль: 70%

0.0062

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2022-1800

CVSS3: 7.2

nvd

больше 3 лет назад

The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability.

EPSS

Процентиль: 70%

0.0062

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89