5 matches found
NotificationX Dropshipping < 4.4 - SQL Injection
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection id: CVE-2022-3481 info: name: NotificationX Dropshipping 4.4 - SQL Injection author: ritikchaddha severity: critical...
CVE-2022-3481
creationtimestamp| type| source ---|---|--- 2022-11-07 16:11:33+00:00| seen| https://t.me/cibsecurity/52587 2025-05-01 20:15:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14383 2025-07-23 21:02:22+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw54zwm622 2025-09-25...
CVE-2022-3481
The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection...
CVE-2022-3481 WooCommerce Dropshipping < 4.4 - Unauthenticated SQLi
The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection...
CVE-2022-3481
CVE-2022-3481 concerns the WordPress plugin WooCommerce Dropshipping (versions before 4.4). The issue is an unauthenticated SQL injection via a REST endpoint due to improper sanitization and escaping of a parameter used in a SQL statement. The vulnerability affects endpoints exposed to unauthenti...