Lucene search
K

4 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/04/01 12:0 a.m.11 views

VulnCheck KEV: CVE-2022-3254

The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection...

9.8CVSS5.9AI score0.05103EPSS
In wildExploits2References2
Circl
Circl
added 2022/10/31 7:38 p.m.6 views

CVE-2022-3254

creationtimestamp| type| source ---|---|--- 2022-10-31 19:38:14+00:00| seen| https://t.me/cibsecurity/52301 2026-02-06 15:04:17+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-3254.yaml 2026-02-11 21:03:01+00:00| seen|...

9.8CVSS8.7AI score0.05103EPSS
Exploits2References4
CVE
CVE
added 2022/10/31 12:0 a.m.74 views

CVE-2022-3254

CVE-2022-3254 affects the WordPress AWP Classifieds Plugin (versions prior to 4.3). The issue is an SQL injection caused by improper sanitization/escaping of parameters in an unauthenticated AJAX action, and is triggered when a specific premium module is active. The vulnerability allows execution...

9.8CVSS9.8AI score0.05103EPSS
In wildExploits2References1Affected Software1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.23 views

CVE-2022-3254 AWP Classifieds Plugin < 4.3 - Unauthenticated SQLi

The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection...

9.9AI score0.05103EPSS
Exploits2References1
Rows per page
Query Builder