Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-0694
HistoryMar 21, 2022 - 7:15 p.m.

Sql injection

2022-03-2119:15:00
PRIOn knowledge base
www.prio-n.com
4

0.002 Low

EPSS

Percentile

52.0%

The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the calendar parameter before using it in a SQL statement via the abc_booking_getSingleCalendar AJAX action (available to both unauthenticated and authenticated users), leading to an unauthenticated SQL injection

CPENameOperatorVersion
advanced_booking_calendarlt1.7.0

0.002 Low

EPSS

Percentile

52.0%

Related for PRION:CVE-2022-0694