Lucene search
WPScanCVELIST:CVE-2022-4681HistoryFeb 06, 2023 - 7:59 p.m.
CVE-2022-4681 Hide My WP < 6.2.9 - Unauthenticated SQLi
2023-02-0619:59:20
WPScan
www.cve.org
cve-2022-4681
hide my wp
sql injection
0.007 Low
EPSS
Percentile
80.2%
The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Hide My WP",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "6.2.9"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Sql injection
2023-02-06 20:15:00
nvd
nvd
CVE-2022-4681
2023-02-06 20:15:11
wpexploit
wpexploit
Hide My WP < 6.2.9 - Unauthenticated SQLi
2023-01-11 00:00:00
wpvulndb
wpvulndb
Hide My WP < 6.2.9 - Unauthenticated SQLi
2023-01-11 00:00:00
cve
cve
CVE-2022-4681
2023-02-06 20:15:11
zdt
zdt
WordPress Hide My WP < 6.2.9 - Unauthenticated SQL injection Vulnerability
2024-03-11 00:00:00
packetstorm
packetstorm
WordPress Hide My WP SQL Injection
2024-03-11 00:00:00
exploitdb
exploitdb
Hide My WP < 6.2.9 - Unauthenticated SQLi
2024-03-10 00:00:00