4 matches found
CVE-2022-0827
The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...
CVE-2022-0827
creationtimestamp| type| source ---|---|--- 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-02-01 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-02-01 2025-02-01 00:00:00+00:00| exploited| The Shadowserver...
CVE-2022-0827
WordPress Best Books plugin (versions up to 2.6.3) contains an SQL injection due to insufficient sanitization/escaping of parameters in an Ajax action. The vulnerability affects the plugin's handling of user-supplied data in SQL statements, enabling unauthenticated attackers to potentially read o...
CVE-2022-0827 Bestbooks <= 2.6.3 - Unauthenticated SQLi
The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...