16 matches found
CVE-2022-2754
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks...
CVE-2022-2753
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made...
CVE-2022-2754
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks...
CVE-2022-2754
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks...
CVE-2022-2753
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made...
CVE-2022-2753
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made...
Sql injection
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks...
CVE-2022-2754 Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Blind SQLi
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks...
CVE-2022-2754
Summary (CVE-2022-2754) The WordPress plugin “Ketchup Restaurant Reservations” is affected up to version 1.0.0. The vulnerability stems from not validating and escaping certain reservation parameters before using them in SQL statements, enabling unauthenticated SQL injection. This is documented a...
CVE-2022-2753
The CVE-2022-2753 vulnerability affects the WordPress plugin Ketchup Restaurant Reservations (
CVE-2022-2753 Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Stored XSS
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not sanitise and escape some of the reservation user inputs, allowing unauthenticated attackers to perform Cross-Site Scripting attacks logged in admin viewing the malicious reservation made...
WordPress plugin Ketchup Restaurant Reservations SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress plugin Ketchup Restaurant Reservations 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
WordPress Ketchup Restaurant Reservations plugin <= 1.0.0 - Unauthenticated Blind SQL Injection (SQLi) vulnerability
Unauthenticated Blind SQL Injection SQLi vulnerability discovered by Bastijn Ouwendijk in WordPress Ketchup Restaurant Reservations plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of August 29, 2022 and is not available for download. This closure is...
Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Blind SQLi
The plugin does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks PoC As unauthenticated, fill the reservation form it's on a page where the reservationform is embed, intercept the...
WordPress Ketchup Restaurant Reservations plugin <= 1.0.0 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Bastijn Ouwendijk in WordPress Ketchup Restaurant Reservations plugin versions = 1.0.0. Solution Deactivate and delete. This plugin has been closed as of August 29, 2022 and is not available for download. This closure is...