exploitDog

GHSA-hmc9-48x2-j657

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

A proid GET parameter of the WordPressæ”¯ä»˜å®?Alipay|è´¢ä»˜é€šTenpay|è´?å®?PayPalé›†æˆ?æ?’ä»¶ WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.

A proid GET parameter of the WordPressæ”¯ä»˜å®?Alipay|è´¢ä»˜é€šTenpay|è´?å®?PayPalé›†æˆ?æ?’ä»¶ WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.

Ссылки

EPSS

Процентиль: 68%

0.00567

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-24390

CVSS3: 7.2

nvd

больше 4 лет назад

A proid GET parameter of the WordPress支付宝Alipay|财付通Tenpay|贝宝PayPal集成插件 WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.

EPSS

Процентиль: 68%

0.00567

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89