3 matches found
CVE-2022-1057
The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...
CVE-2022-1057 Pricing Deals for WooCommerce <= 2.0.2.02 - Unauthenticated SQLi
The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...
CVE-2022-1057
CVE-2022-1057 affects the WordPress plugin “Pricing Deals for WooCommerce” up to version 2.0.2.02. The vulnerability is an unauthenticated SQL injection caused by improper sanitisation/escaping of a parameter in an AJAX action, allowing arbitrary SQL execution and potential data disclosure or mod...