Lucene search
PRIOn knowledge basePRION:CVE-2022-0412HistoryFeb 28, 2022 - 9:15 a.m.
Sql injection
2022-02-2809:15:00
PRIOn knowledge base
www.prio-n.com
10
0.085 Low
EPSS
Percentile
94.5%
The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks
| CPE | Name | Operator | Version |
|---|---|---|---|
| ti_woocommerce_wishlist | lt | 1.40.1 | |
| ti_woocommerce_wishlist | lt | 1.40.1 |
Related
cve
cve
CVE-2022-0412
2022-02-28 09:15:09
patchstack
patchstack
openvas
openvas
WordPress TI WooCommerce Wishlist Plugin < 1.40.1 SQLi Vulnerability
2022-03-14 00:00:00
wpvulndb
wpvulndb
TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection
2022-01-31 00:00:00
cvelist
cvelist
wpexploit
wpexploit
TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection
2022-01-31 00:00:00
nvd
nvd
CVE-2022-0412
2022-02-28 09:15:09
cnvd
cnvd
WordPress TI WooCommerce Wishlist plugin SQL injection vulnerability
2022-03-02 00:00:00
nuclei
nuclei
WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection
2022-10-01 13:34:58
githubexploit
githubexploit
Exploit for SQL Injection in Templateinvaders Ti Woocommerce Wishlist
2024-03-20 22:22:51