3 matches found
WordPress ARPrice <3.6.1 - SQL Injection
WordPress ARPrice plugin prior to 3.6.1 contains a SQL injection vulnerability. It fails to properly sanitize and escape user supplied POST data before being inserted in an SQL statement and executed via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or...
CVE-2022-0867
creationtimestamp| type| source ---|---|--- 2024-11-24 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-24 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-05-16 00:00:00+00:00| exploited| The Shadowserver...
CVE-2022-0867 ARPrice Lite < 3.6.1 - Unauthenticated SQLi
The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users...