Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-64667
HistoryJun 13, 2022 - 12:00 a.m.

WordPress Realty Workstation plugin SQL injection vulnerability

2022-06-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
8

0.001 Low

EPSS

Percentile

21.9%

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. SQL injection vulnerability exists in versions prior to WordPress Realty Workstation plugin 1.0.15, which stems from the plugin’s use of it in SQL statements during proxy editing transactions before failing to clean up and escape the trans_edit parameter. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.

0.001 Low

EPSS

Percentile

21.9%