Lucene search
K

5 matches found

Circl
Circl
added 2023/01/03 12:26 a.m.4 views

CVE-2022-4355

creationtimestamp| type| source ---|---|--- 2023-01-03 00:26:40+00:00| seen| https://t.me/cibsecurity/55767...

7.2CVSS7AI score0.00874EPSS
Exploits1References1
OSV
OSV
added 2023/01/02 10:15 p.m.3 views

CVE-2022-4355

The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS5.8AI score0.00874EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/01/02 9:49 p.m.6 views

CVE-2022-4355 LetsRecover < 1.2.0 - Admin+ SQLi

The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2AI score0.00874EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/01/02 9:49 p.m.34 views

CVE-2022-4355 LetsRecover < 1.2.0 - Admin+ SQLi

The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.4AI score0.00874EPSS
Exploits1References2
CVE
CVE
added 2023/01/02 9:49 p.m.80 views

CVE-2022-4355

CVE-2022-4355 affects the LetsRecover WordPress plugin prior to version 1.2.0. The root cause is improper sanitization/escaping of a parameter before its use in a SQL statement, enabling SQL injection by high-privilege users (e.g., admins). Impact is high (C/C I/A all at HIGH) with network-access...

7.2CVSS7.1AI score0.00874EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder