Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:18 p.m.9 views

CVE-2022-1685

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...

4.9CVSS7.1AI score0.00951EPSS
Exploits2References1
NVD
NVD
added 2022/06/08 10:15 a.m.17 views

CVE-2022-1685

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...

4.9CVSS0.00951EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2022/06/08 10:15 a.m.6 views

CVE-2022-1685

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...

4.9CVSS5.9AI score0.00951EPSS
Exploits2References3
CVE
CVE
added 2022/06/06 8:51 a.m.63 views

CVE-2022-1685

The CVE-2022-1685 entry concerns the Five Minute Webshop WordPress plugin (versions up to 1.3.2). The vulnerability is an SQL injection in the admin Manage Products page caused by improper validation/sanitisation of the orderby parameter before it is used in a SQL statement. Several connected sou...

4.9CVSS5.4AI score0.00951EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2022/06/06 8:51 a.m.23 views

CVE-2022-1685 Five Minute Webshop <= 1.3.2 - Admin+ SQLi via orderby

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...

5.9AI score0.00951EPSS
Exploits2References2
Rows per page
Query Builder