The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/684bb06d-864f-4cba-ab0d-f83974d026fa | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-02-21T10:46:11
Updated: 2022-02-21T10:46:10
Reserved: 2022-01-17T00:00:00
Link: CVE-2022-0255
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-02-21T11:15:09.580
Modified: 2022-02-28T20:57:22.547
Link: CVE-2022-0255
JSON object: View
Redhat Information
No data.
CWE