exploitDog

CVE-2022-2754

Опубликовано: 19 сент. 2022

Источник: nvd

CVSS3: 9.8

EPSS Средний

Описание

The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks

Ссылки

https://wpscan.com/vulnerability/e3c6d137-ff6e-432a-a21a-b36dc81f73c5
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/e3c6d137-ff6e-432a-a21a-b36dc81f73c5
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ketchup_restaurant_reservations_project:ketchup_restaurant_reservations:*:*:*:*:*:wordpress:*:*

Версия до 1.0.0 (включая)

EPSS

Процентиль: 96%

0.21288

Средний

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-6m9q-ppfx-8654

CVSS3: 9.8

github

больше 3 лет назад

The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks

EPSS

Процентиль: 96%

0.21288

Средний

9.8 Critical

CVSS3

Дефекты

CWE-89