Vulnerability Details CVE-2022-29411
SQL Injection (SQLi) vulnerability in Mufeng's Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.7%
CVSS Severity
CVSS v3 Score 8.3
CVSS v2 Score 7.5
References
- https://patchstack.com/database/vulnerability/hermit/wordpress-hermit-plugin-3-1-6-unauthenticated-sql-injection-sqli-vulnerability
- https://wordpress.org/plugins/hermit/
- https://patchstack.com/database/vulnerability/hermit/wordpress-hermit-plugin-3-1-6-unauthenticated-sql-injection-sqli-vulnerability
- https://wordpress.org/plugins/hermit/
Products affected by CVE-2022-29411
-
cpe:2.3:a:hermit_project:hermit:-
-
cpe:2.3:a:hermit_project:hermit:3.1.6