Lucene search

PRIOn knowledge basePRION:CVE-2012-10009

HistoryMar 21, 2023 - 12:15 a.m.

Sql injection

2023-03-2100:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

404like plugin

wordpress

critical

sql injection

remote attack

upgrade

patch

2c4b589d27554910ab1fd104ddbec9331b540f7f

identifier vdb-223404

7.9 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.9%

JSON

A vulnerability was found in 404like Plugin up to 1.0.2 on WordPress. It has been classified as critical. Affected is the function checkPage of the file 404Like.php. The manipulation of the argument searchWord leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 2c4b589d27554910ab1fd104ddbec9331b540f7f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-223404.

CPENameOperatorVersion
404likelt1.0.2

CPE	Name	Operator	Version
	404like	lt	1.0.2

References

github.com/wp-plugins/404like/commit/2c4b589d27554910ab1fd104ddbec9331b540f7f

github.com/wp-plugins/404like/releases/tag/1.0.2

vuldb.com/?ctiid.223404

vuldb.com/?id.223404