CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-3243

The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.3%

CVSS Severity

CVSS v3 Score 7.2

References

https://wpscan.com/vulnerability/9f03bc1a-214f-451a-89fd-2cd3517e8f8a
https://wpscan.com/vulnerability/9f03bc1a-214f-451a-89fd-2cd3517e8f8a

Products affected by CVE-2022-3243

None » None » Version:

_and_users_as_xml_&_csv:*
None » None » Version:

_orders
None » None » Version:

_post_types
None » None » Version:

_products
Smackcoders » Import All Pages » Version: Any

cpe:2.3:a:smackcoders:import_all_pages

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-3243

Products

Pricing

Contact Us