exploitDog

CVE-2022-2460

Опубликовано: 08 авг. 2022

Источник: nvd

CVSS3: 9.8

CVSS3: 4.3

EPSS Низкий

Описание

The WPDating WordPress plugin before 7.4.0 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities exploitable by unauthenticated users

Ссылки

https://wpscan.com/vulnerability/694b6dfd-2424-41b4-8595-b6c305c390db
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/694b6dfd-2424-41b4-8595-b6c305c390db
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:digital_product_labs:wpdating:*:*:*:*:*:wordpress:*:*

Версия до 7.1.9 (включая)

EPSS

Процентиль: 89%

0.04375

Низкий

9.8 Critical

CVSS3

4.3 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-rv2q-xwg7-w99w

CVSS3: 9.8

github

больше 3 лет назад

The WPDating WordPress plugin through 7.1.9 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities.

EPSS

Процентиль: 89%

0.04375

Низкий

9.8 Critical

CVSS3

4.3 Medium

CVSS3

Дефекты