Vulnerability Details CVE-2022-30998
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 67.0%
CVSS Severity
CVSS v3 Score 9.1
References
- https://patchstack.com/database/vulnerability/homepage-product-organizer-for-woocommerce/wordpress-homepage-product-organizer-for-woocommerce-plugin-1-1-multiple-authenticated-sql-injection-sqli-vulnerabilities
- https://wordpress.org/plugins/homepage-product-organizer-for-woocommerce/#description
- https://patchstack.com/database/vulnerability/homepage-product-organizer-for-woocommerce/wordpress-homepage-product-organizer-for-woocommerce-plugin-1-1-multiple-authenticated-sql-injection-sqli-vulnerabilities
- https://wordpress.org/plugins/homepage-product-organizer-for-woocommerce/#description
Products affected by CVE-2022-30998
-
Homepage Product Organizer For Woocommerce Project » Homepage Product Organizer For Woocommerce » Version: N/Acpe:2.3:a:homepage_product_organizer_for_woocommerce_project:homepage_product_organizer_for_woocommerce:-
-
Homepage Product Organizer For Woocommerce Project » Homepage Product Organizer For Woocommerce » Version: 1.0cpe:2.3:a:homepage_product_organizer_for_woocommerce_project:homepage_product_organizer_for_woocommerce:1.0
-
Homepage Product Organizer For Woocommerce Project » Homepage Product Organizer For Woocommerce » Version: 1.1cpe:2.3:a:homepage_product_organizer_for_woocommerce_project:homepage_product_organizer_for_woocommerce:1.1