Lucene search
China National Vulnerability DatabaseCNVD-2022-19797HistoryMar 09, 2022 - 12:00 a.m.
WordPress NotificationX Plugin SQL Injection Vulnerability
2022-03-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.024 Low
EPSS
Percentile
90.0%
WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. SQL injection vulnerability exists in versions prior to WordPress NotificationX Plugin 2.3.9, which stems from the plugin’s failure to clean and escape the nx_id parameter before using it in SQL statements. commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress notificationx plugin | lt | 2.3.9 |
Related
prion
prion
Sql injection
2022-03-07 09:15:00
cvelist
cvelist
CVE-2022-0349 NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection
2022-03-07 08:16:27
wpexploit
wpexploit
NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection
2022-02-02 00:00:00
wpvulndb
wpvulndb
NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection
2022-02-02 00:00:00
nvd
nvd
CVE-2022-0349
2022-03-07 09:15:09
patchstack
patchstack
nuclei
nuclei
WordPress NotificationX <2.3.9 - SQL Injection
2022-10-01 13:26:09
cve
cve
CVE-2022-0349
2022-03-07 09:15:09