CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-1691

The Realty Workstation WordPress plugin before 1.0.15 does not sanitise and escape the trans_edit parameter before using it in a SQL statement when an agent edit a transaction, leading to an SQL injection

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.8%

CVSS Severity

CVSS v3 Score 4.9

CVSS v2 Score 4.0

References

https://bulletin.iese.de/post/realty-workstation_1-0-6
https://wpscan.com/vulnerability/f9363b4c-c434-4f15-93f8-46162d2d7049
https://bulletin.iese.de/post/realty-workstation_1-0-6
https://wpscan.com/vulnerability/f9363b4c-c434-4f15-93f8-46162d2d7049

Products affected by CVE-2022-1691

Realtyworkstation » Realty Workstation » Version: Any

cpe:2.3:a:realtyworkstation:realty_workstation:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1691

Products

Pricing

Contact Us