exploitDog

CVE-2022-33965

Опубликовано: 25 июл. 2022

Источник: nvd

CVSS3: 9.3

CVSS3: 9.8

EPSS Средний

Описание

Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress.

Ссылки

https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-visitor-statistics-plugin-5-7-multiple-unauthenticated-sql-injection-sqli-vulnerabilities
Patch
Third Party Advisory
https://wordpress.org/plugins/wp-stats-manager/#developers
Release Notes
Third Party Advisory
https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-visitor-statistics-plugin-5-7-multiple-unauthenticated-sql-injection-sqli-vulnerabilities
Patch
Third Party Advisory
https://wordpress.org/plugins/wp-stats-manager/#developers
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:plugins-market:wp_visitor_statistics:*:*:*:*:*:wordpress:*:*

Версия до 5.8 (исключая)

EPSS

Процентиль: 97%

0.39966

Средний

9.3 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-cffp-89vg-h8vp

CVSS3: 9.8

github

больше 3 лет назад

Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress.

EPSS

Процентиль: 97%

0.39966

Средний

9.3 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-89