Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.7 views

CVE-2022-4681

The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS7.2AI score0.03824EPSS
Exploits5References1
0day.today
0day.today
added 2024/03/11 12:0 a.m.367 views

WordPress Hide My WP < 6.2.9 - Unauthenticated SQL injection Vulnerability

Exploit Title: Wordpress Plugin Hide My WP 6.2.9 - Unauthenticated SQLi Original Researcher: Xenofon Vassilakopoulos Exploit Author: Xenofon Vassilakopoulos Submitter: Xenofon Vassilakopoulos Vendor Homepage: https://wpwave.com/ Version: Hide My WP v6.2.8 and prior Tested on: Hide My WP v6.2.7...

9.8CVSS9.6AI score0.03824EPSS
Exploits5
Exploit DB
Exploit DB
added 2024/03/10 12:0 a.m.309 views

Hide My WP &lt; 6.2.9 - Unauthenticated SQLi

Exploit Title: Wordpress Plugin Hide My WP 6.2.9 - Unauthenticated SQLi Publication Date: 2023-01-11 Original Researcher: Xenofon Vassilakopoulos Exploit Author: Xenofon Vassilakopoulos Submitter: Xenofon Vassilakopoulos Vendor Homepage: https://wpwave.com/ Version: Hide My WP v6.2.8 and prior...

9.8CVSS9.7AI score0.03824EPSS
Exploits5
Cvelist
Cvelist
added 2023/02/06 7:59 p.m.41 views

CVE-2022-4681 Hide My WP < 6.2.9 - Unauthenticated SQLi

The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

10AI score0.03824EPSS
Exploits5References1
CVE
CVE
added 2023/02/06 7:59 p.m.95 views

CVE-2022-4681

The CVE-2022-4681 entry concerns the WordPress plugin Hide My WP (versions before 6.2.9). A parameter is not properly sanitized/escaped before being used in an SQL statement via an unauthenticated AJAX action, enabling a SQL injection. Impact is high (CVE scores show CRITICAL, AV:N/AC:L/PR:N/UI:N...

9.8CVSS9.8AI score0.03824EPSS
Exploits5References1Affected Software1
Patchstack
Patchstack
added 2023/01/11 12:0 a.m.18 views

WordPress Hide My WP Plugin < 6.2.9 is vulnerable to SQL Injection

Software Hide My WP Type Plugin Vulnerable versions 6.2.9 Fixed in 6.2.9 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-4681 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ad94e6b8ba54 Credits Xenofon Vassilakopoulos Required privilege...

9.8CVSS6.7AI score0.03824EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder