Описание
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WC Vendors WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors.This issue affects WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors: from n/a through 2.4.7.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.7 (включая)
cpe:2.3:a:wcvendors:woocommerce_multi-vendor\,_woocommerce_marketplace\,_product_vendors:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 35%
0.00146
Низкий
7.6 High
CVSS3
7.2 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.6
github
около 2 лет назад
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WC Vendors WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors.This issue affects WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors: from n/a through 2.4.7.
EPSS
Процентиль: 35%
0.00146
Низкий
7.6 High
CVSS3
7.2 High
CVSS3
Дефекты
CWE-89