The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/55b89de0-30ed-4f98-935e-51f069faf6fc | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2022-05-02T16:05:43
Updated: 2022-05-02T16:05:43
Reserved: 2022-02-27T00:00:00
Link: CVE-2022-0773
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-02T16:15:08.517
Modified: 2022-05-09T15:01:55.217
Link: CVE-2022-0773
JSON object: View
Redhat Information
No data.
CWE