exploitDog

GHSA-pj2v-wf83-5cr4

Опубликовано: 28 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users

The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users

Ссылки

EPSS

Процентиль: 97%

0.35524

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2022-3689

CVSS3: 7.2

nvd

около 3 лет назад

The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users

EPSS

Процентиль: 97%

0.35524

Средний

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89