Lucene search
+L

CVE-2022-0786

🗓️ 13 Jun 2022 12:41:32Reported by WPScanType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 103 Views🌐 WEB

The KiviCare WordPress plugin before 2.3.9 is prone to SQL injection

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-0786
13 Jun 202213:15
attackerkb
Circl
CVE-2022-0786
26 Jan 202500:00
circl
CNNVD
WordPress plugin KiviCare SQL注入漏洞
13 Jun 202200:00
cnnvd
CNVD
WordPress Plugin KiviCare SQL Injection Vulnerability
15 Jun 202200:00
cnvd
Cvelist
CVE-2022-0786 KiviCare < 2.3.9 - Unauthenticated SQLi
13 Jun 202212:41
cvelist
Nuclei
WordPress KiviCare <2.3.9 - SQL Injection
17 Jul 202604:44
nuclei
NVD
CVE-2022-0786
13 Jun 202213:15
nvd
OSV
CVE-2022-0786
13 Jun 202213:15
osv
Patchstack
WordPress KiviCare plugin <= 2.3.8 - Unauthenticated SQL Injection (SQLi) vulnerability
23 May 202200:00
patchstack
Prion
Sql injection
13 Jun 202213:15
prion
Rows per page
NVD
Vulners
Node
iqonickivicareRange<2.3.9wordpress
[
  {
    "product": "KiviCare – Clinic & Patient Management System (EHR)",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.3.9",
        "status": "affected",
        "version": "2.3.9",
        "versionType": "custom"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
clinic_id[id]query paramwp-admin/admin-ajax.phpSQL injection via unsanitised input in get_doctor_details route (case when sleep injected in clinic_id[id]).CWE-89
clinic_idquery paramwp-admin/admin-ajax.phpSQL injection via unsanitised input in get_doctor_details route (explicit clinic_id payload in GET).CWE-89
clinic_idquery paramwp-admin/admin-ajax.phpSQL injection via unsanitised input in get_doctor_details route (GET with crafted clinic_id payload).CWE-89
clinic_idquery paramwp-admin/admin-ajax.phpSQL injection via unsanitised input in get_doctor_details route (GET with crafted clinic_id payload and additional params).CWE-89

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 04:21Current
9.7High risk
Vulners AI Score9.7
CVSS 27.5
CVSS 3.19.8
EPSS0.12619
103