Lucene search
WPScanCVELIST:CVE-2022-0949HistoryApr 11, 2022 - 2:40 p.m.
CVE-2022-0949 WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi
2022-04-1114:40:59
CWE-89
WPScan
www.cve.org
0.04 Low
EPSS
Percentile
92.2%
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbots_grava_fingerprint AJAX action, available to unauthenticated users, leading to a SQL injection
CNA Affected
[
{
"product": "Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection",
"vendor": "Unknown",
"versions": [
{
"lessThan": "6.930",
"status": "affected",
"version": "6.930",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi
2022-03-16 00:00:00
cve
cve
CVE-2022-0949
2022-04-11 15:15:08
prion
prion
Sql injection
2022-04-11 15:15:00
nuclei
nuclei
WordPress Stop Bad Bots <6.930 - SQL Injection
2023-03-05 13:42:10
nvd
nvd
CVE-2022-0949
2022-04-11 15:15:08
patchstack
patchstack
wpexploit
wpexploit
WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi
2022-03-16 00:00:00