Lucene search
China National Vulnerability DatabaseCNVD-2023-06535HistoryApr 27, 2022 - 12:00 a.m.
WordPress plugin Master Elements SQL injection vulnerability
2022-04-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
0.024 Low
EPSS
Percentile
89.9%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Master Elements 8.0 and earlier versions are vulnerable to SQL injection, which stems from the plugin’s failure to validate and escape its remove_post_meta_ condition AJAX operation’s meta_ids parameter. condition AJAX operation’s meta_ids parameter. An attacker could exploit this vulnerability for SQL injection.
| CPE | Name | Operator | Version |
|---|---|---|---|
| devbunch master elements | le | 8.0 |
Related
cve
cve
CVE-2022-0693
2022-04-25 16:16:07
wpvulndb
wpvulndb
Master Elements <= 8.0 - Unauthenticated SQLi
2022-03-29 00:00:00
prion
prion
Sql injection
2022-04-25 16:16:00
nuclei
nuclei
WordPress Master Elements <=8.0 - SQL Injection
2023-03-05 13:42:10
patchstack
patchstack
cvelist
cvelist
CVE-2022-0693 Master Elements <= 8.0 - Unauthenticated SQLi
2022-04-25 15:51:06
nvd
nvd
CVE-2022-0693
2022-04-25 16:16:07
wpexploit
wpexploit
Master Elements <= 8.0 - Unauthenticated SQLi
2022-03-29 00:00:00