Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.14 views

CVE-2022-0760

The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the postid parameter before using it in a SQL statement via the qcopdupvoteaction AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL Injection...

9.8CVSS7.1AI score0.10825EPSS
Exploits2References1
Circl
Circl
added 2022/03/21 9:26 p.m.30 views

CVE-2022-0760

creationtimestamp| type| source ---|---|--- 2022-03-21 21:26:39+00:00| seen| https://t.me/cibsecurity/39334 2024-12-24 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-12-24 2025-01-17 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-17...

9.8CVSS7.2AI score0.10825EPSS
In wildExploits2References4
Cvelist
Cvelist
added 2022/03/21 6:56 p.m.27 views

CVE-2022-0760 Simple Link Directory < 7.7.2 - Unauthenticated SQL injection

The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the postid parameter before using it in a SQL statement via the qcopdupvoteaction AJAX action available to unauthenticated and authenticated users, leading to an unauthenticated SQL Injection...

10AI score0.10825EPSS
Exploits2References2
CVE
CVE
added 2022/03/21 6:56 p.m.135 views

CVE-2022-0760

The CVE-2022-0760 entry describes a SQL injection in the WordPress plugin WordPress Simple Link Directory (versions before 7.7.2). The vulnerability arises because the plugin does not validate or escape the post_id parameter before using it in a SQL statement in the qcopd_upvote_action AJAX call,...

9.8CVSS9.8AI score0.10825EPSS
In wildExploits2References2Affected Software1
Rows per page
Query Builder