Lucene search

[email protected]NVD:CVE-2022-43462

HistoryJan 17, 2023 - 5:15 a.m.

CVE-2022-43462

2023-01-1705:15:14

CWE-89

[email protected]

web.nvd.nist.gov

authentication sql injection

adeel ahmed

ip blacklist cloud

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

37.5%

JSON

Auth. SQL Injection (SQLi) vulnerability in Adeel Ahmed’s IP Blacklist Cloud plugin <= 5.00 versions.

Affected configurations

Nvd

Node

ip_blacklist_cloud_projectip_blacklist_cloudRange≤5.00wordpress

VendorProductVersionCPE
ip_blacklist_cloud_projectip_blacklist_cloud*cpe:2.3:a:ip_blacklist_cloud_project:ip_blacklist_cloud:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
ip_blacklist_cloud_project	ip_blacklist_cloud	*	cpe:2.3:a:ip_blacklist_cloud_project:ip_blacklist_cloud::::::wordpress::*

References

patchstack.com/database/vulnerability/ip-blacklist-cloud/wordpress-ip-blacklist-cloud-plugin-5-00-auth-sql-injection-sqli-vulnerability?_s_id=cve

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.001

Percentile

37.5%

JSON

Related for NVD:CVE-2022-43462

patchstack1 cve1 prion1 wpvulndb1 cvelist1