CVE-2022-3131

Search Logger <= 0.9 - Admin+ SQLi

CVSS 7.2 HIGHEPSS 0.9%CWE-89

The Search Logger WordPress plugin through 0.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

Unknown · Search Logger – Know What Your Visitors Search

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://wpscan.com/vulnerability/b6c62e53-ae49-4fe0-aed9-0c493fc4442d