Описание
The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.2.0.9 (исключая)
cpe:2.3:a:ays-pro:quiz_maker:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 70%
0.00628
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
github
больше 3 лет назад
The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard
EPSS
Процентиль: 70%
0.00628
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89