Lucene search
China National Vulnerability DatabaseCNVD-2022-65214HistoryMay 11, 2022 - 12:00 a.m.
WordPress Ubigeo de Peru plugin SQL injection vulnerability
2022-05-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.04 Low
EPSS
Percentile
92.2%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. A SQL injection vulnerability exists in versions of the WordPress Ubigeo de Peru plugin prior to version 3.6.4, which stems from the fact that certain parameters passed by the plugin through AJAX operations are not properly cleaned and escaped before being used to stitch together SQL statements are not properly cleaned and escaped before being used to stitch together SQL statements. An unauthenticated attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress ubigeo de peru | lt | 3.6.4 |
Related
cvelist
cvelist
CVE-2022-0814 Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi
2022-05-09 16:50:32
patchstack
patchstack
cve
cve
CVE-2022-0814
2022-05-09 17:15:08
nvd
nvd
CVE-2022-0814
2022-05-09 17:15:08
wpvulndb
wpvulndb
Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi
2022-04-18 00:00:00
wpexploit
wpexploit
Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi
2022-04-18 00:00:00
prion
prion
Sql injection
2022-05-09 17:15:00
nuclei
nuclei
Ubigeo de Peru < 3.6.4 - SQL Injection
2023-10-17 07:20:28