exploitDog

CVE-2022-2593

Опубликовано: 22 авг. 2022

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks

Ссылки

https://wpscan.com/vulnerability/229a065e-1062-44d4-818d-29aa3b6b6d41
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/229a065e-1062-44d4-818d-29aa3b6b6d41
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deliciousbrains:better_search_replace:*:*:*:*:*:wordpress:*:*

Версия до 1.4.1 (исключая)

EPSS

Процентиль: 67%

0.00537

Низкий

7.2 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-9rqh-x72q-rhcr

CVSS3: 7.2

github

больше 3 лет назад

The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks

EPSS

Процентиль: 67%

0.00537

Низкий

7.2 High

CVSS3

Дефекты

CWE-89