Mar 28, 2022 - 5:23 p.m.

CVE-2022-0787 Limit Login Attempts (Spam Protection) < 5.1 - Unauthenticated SQLi

2022-03-28 17:23:23
CWE-89
WPScan
www.cve.org

EPSS: 0.04 Low (Percentile: 92.2%)

The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL injection.

CNA Affected

[
  {
    "product": "Limit Login Attempts (Spam Protection)",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "5.1",
        "status": "affected",
        "version": "5.1",
        "versionType": "custom"
      }
    ]
  }
]
