Lucene search
WPScanCVELIST:CVE-2022-0846HistoryMar 28, 2022 - 5:23 p.m.
CVE-2022-0846 SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQLi
2022-03-2817:23:28
CWE-89
WPScan
www.cve.org
0.04 Low
EPSS
Percentile
92.1%
The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dk_speakout_sendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users
CNA Affected
[
{
"product": "SpeakOut! Email Petitions",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.14.15.1",
"status": "affected",
"version": "2.14.15.1",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQLi
2022-03-07 00:00:00
prion
prion
Sql injection
2022-03-28 18:15:00
nvd
nvd
CVE-2022-0846
2022-03-28 18:15:09
cve
cve
CVE-2022-0846
2022-03-28 18:15:09
patchstack
patchstack
nuclei
nuclei
SpeakOut Email Petitions < 2.14.15.1 - SQL Injection
2023-04-21 08:56:01
wpexploit
wpexploit
SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQLi
2022-03-07 00:00:00