← back
CVE-2019-14348

CVE-2019-14348

EPSS 21.1%
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/153963/WordPress-JoomSport-3.3-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47210unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/153963/WordPress-JoomSport-3.3-SQL-Injection.htmlhttps://hackpuntes.com/cve-2019-14348-joomsport-for-sports-sql-injection/https://wpvulndb.com/vulnerabilities/9499