exploitDog

GHSA-v727-m7g4-8xpx

Опубликовано: 21 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users

The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users

Ссылки

EPSS

Процентиль: 73%

0.00746

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2022-3720

CVSS3: 7.2

nvd

около 3 лет назад

The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users

EPSS

Процентиль: 73%

0.00746

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89