Documentor <= 1.5.3 - Unauthenticated SQL Injection

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users. id: CVE-2022-0773 info: name: Documentor = 1.5.3 - Unauthenticated SQL...

CVE-2022-0773

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users...

WordPress Documentor Plugin SQL Injection (CVE-2022-0773)

An SQL injection vulnerability exists in WordPress Documentor Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2022-0773

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users...

CVE-2022-0773

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users...

Sql injection

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users...

CVE-2022-0773 Documentor <= 1.5.3 - Unauthenticated SQLi

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users...

CVE-2022-0773

Vulnerability: Documentor WordPress plugin (versions

WordPress plugin Documentor SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Documentor plugin 1.5.3 and earlier versions are vulnerable to SQL injection, which stems...

Documentor <= 1.5.3 - Unauthenticated SQLi

The plugin fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users. PoC curl https://example.com/wp-admin/admin-ajax.php --data 'action=docsearchresults==1 AND SELECT 6288 FROM...

Documentor <= 1.5.3 - Unauthenticated SQLi

The plugin fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users. curl https://example.com/wp-admin/admin-ajax.php --data 'action=docsearchresults&term=&docid=1 AND SELECT 628...

WordPress Documentor plugin <= 1.5.3 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by cydave in WordPress Documentor plugin versions = 1.5.3. Solution Deactivate and delete. This plugin has been closed as of March 29, 2022 and is not available for download. This closure is temporary, pending a full review...