Lucene search
K

5 matches found

NVD
NVD
added 2022/05/23 8:16 a.m.25 views

CVE-2022-1014

The WP Contacts Manager WordPress plugin through 2.2.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability...

9.8CVSS0.01568EPSS
Exploits2References1
Prion
Prion
added 2022/05/23 8:16 a.m.23 views

Sql injection

The WP Contacts Manager WordPress plugin through 2.2.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability...

7.5CVSS9.7AI score0.01568EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/05/23 7:15 a.m.30 views

CVE-2022-1014 WP Contacts Manager <= 2.2.4 - Unauthenticated SQLi

The WP Contacts Manager WordPress plugin through 2.2.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability...

10AI score0.01568EPSS
Exploits2References1
CVE
CVE
added 2022/05/23 7:15 a.m.119 views

CVE-2022-1014

The CVE-2022-1014 issue affects the WP Contacts Manager WordPress plugin (versions up to 2.2.4). Affected component: the plugin’s handling of POST data in SQL statements, due to inadequate sanitization, enabling SQL injection. Exploitation context shown in multiple sources (unauthenticated SQLi d...

9.8CVSS9.9AI score0.01568EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2022/05/02 12:0 a.m.219 views

WP Contacts Manager <= 2.2.4 - Unauthenticated SQLi

The plugin fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability. curl 'http://127.0.0.1:8080/wp-admin/admin-ajax.php?action=WPContactsManagercall&type=get-contact' \ --data '"id":"1\u002...

9.8CVSS1AI score0.01568EPSS
Exploits2
Rows per page
Query Builder