Lucene search
+L

26 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-43205

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.01053EPSS
Exploits1References3
NVD
NVD
added 2022/11/28 2:15 p.m.17 views

CVE-2022-3865

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

8.8CVSS0.01053EPSS
Exploits1References2
NVD
NVD
added 2022/11/28 2:15 p.m.18 views

CVE-2022-3849

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

8.8CVSS0.01053EPSS
Exploits1References2
OSV
OSV
added 2022/11/28 2:15 p.m.7 views

CVE-2022-3848

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

8.8CVSS5.8AI score0.01053EPSS
Exploits1References2
OSV
OSV
added 2022/11/28 2:15 p.m.9 views

CVE-2022-3849

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

8.8CVSS5.8AI score0.01053EPSS
Exploits1References2
Prion
Prion
added 2022/11/28 2:15 p.m.17 views

Sql injection

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

6.5CVSS8.9AI score0.01053EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/11/28 2:15 p.m.20 views

Sql injection

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

6.5CVSS8.9AI score0.01053EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/11/28 2:15 p.m.16 views

Sql injection

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

6.5CVSS8.9AI score0.01053EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/11/28 1:50 p.m.56 views

CVE-2022-3865

The CVE-2022-3865 entry concerns the WordPress WP User Merger plugin (versions prior to 1.5.3). The underlying issue is improper sanitisation/escaping of a parameter used in a SQL statement, resulting in a SQL injection. The vulnerability is exploitable by users with a role as low as admin. Affec...

8.8CVSS9AI score0.01053EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/28 1:50 p.m.6 views

CVE-2022-3865 WP User Merger < 1.5.3 - Admin+ SQLi via ID

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

9.2AI score0.01053EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/28 1:50 p.m.23 views

CVE-2022-3865 WP User Merger < 1.5.3 - Admin+ SQLi via ID

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

9.2AI score0.01053EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/28 1:47 p.m.5 views

CVE-2022-3848 WP User Merger < 1.5.3 - Admin+ SQLi via wpsu_user_id

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

7.5AI score0.01053EPSS
Exploits1References2
CVE
CVE
added 2022/11/28 1:47 p.m.58 views

CVE-2022-3848

CVE-2022-3848 affects the WordPress plugin WP User Merger prior to version 1.5.3. The root cause is insufficient sanitisation/escaping of a parameter before its use in an SQL statement, enabling SQL injection with low-privilege admin-level access. The documented remediation is to update to versio...

8.8CVSS9AI score0.01053EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/11/28 1:47 p.m.34 views

CVE-2022-3848 WP User Merger < 1.5.3 - Admin+ SQLi via wpsu_user_id

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

9.2AI score0.01053EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/28 1:47 p.m.8 views

CVE-2022-3849 WP User Merger < 1.5.3 - Admin+ SQLi via user_id

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

9AI score0.01053EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/28 1:47 p.m.29 views

CVE-2022-3849 WP User Merger < 1.5.3 - Admin+ SQLi via user_id

The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

9.2AI score0.01053EPSS
Exploits1References2
CVE
CVE
added 2022/11/28 1:47 p.m.59 views

CVE-2022-3849

The CVE-2022-3849 entry pertains to the WP User Merger WordPress plugin (versions before 1.5.3). The vulnerability is a SQL injection caused by improper sanitisation/escaping of a parameter before it is used in a SQL statement, exploitable by users with a role as low as admin. Affected item: WP U...

8.8CVSS9AI score0.01053EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/11/28 12:0 a.m.6 views

WordPress plugin WP User Merger SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

8.8CVSS8.2AI score0.01053EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/11/28 12:0 a.m.5 views

WordPress plugin WP User Merger SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Versions of WordPress WP Us...

8.8CVSS7.6AI score0.01053EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.9 views

PT-2022-24423 · WordPress · Wp User Merger

Name of the Vulnerable Software and Affected Versions: WP User Merger WordPress plugin versions prior to 1.5.3 Description: The issue arises from the plugin's failure to properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection. This can be exploited ...

8.8CVSS8.9AI score0.01053EPSS
Exploits1References7
Rows per page
Query Builder