Lucene search
WPScanCVELIST:CVE-2022-0739HistoryMar 21, 2022 - 6:56 p.m.
CVE-2022-0739 BookingPress < 1.0.11 - Unauthenticated SQL Injection
2022-03-2118:56:00
CWE-89
WPScan
www.cve.org
1
0.006 Low
EPSS
Percentile
78.2%
The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection
CNA Affected
[
{
"product": "BookingPress – Appointments Booking Calendar Plugin and Online Scheduling Plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.0.11",
"status": "affected",
"version": "1.0.11",
"versionType": "custom"
}
]
}
]Related
githubexploit
githubexploit
Exploit for SQL Injection in Reputeinfosystems Bookingpress
2022-11-02 01:39:37
Exploit for SQL Injection in Reputeinfosystems Bookingpress
2022-12-23 05:35:08
Exploit for SQL Injection in Reputeinfosystems Bookingpress
2023-02-18 15:23:49
wpexploit
wpexploit
BookingPress < 1.0.11 - Unauthenticated SQL Injection
2022-02-28 00:00:00
cve
cve
CVE-2022-0739
2022-03-21 19:15:11
patchstack
patchstack
metasploit
metasploit
Wordpress BookingPress bookingpress_front_get_category_services SQLi
2022-12-05 20:04:03
wpvulndb
wpvulndb
BookingPress < 1.0.11 - Unauthenticated SQL Injection
2022-02-28 00:00:00
prion
prion
Sql injection
2022-03-21 19:15:00
nvd
nvd
CVE-2022-0739
2022-03-21 19:15:11
rapid7blog
rapid7blog
Metasploit Wrap-Up
2022-12-09 20:36:45